With the publicising of ever more alarming breaches of computer security at companies, there is no doubt that more and more business owners finally are becoming aware that they have to at least do the minimum to protect themselves from such attacks.

A starter kit for such owners is available at an Internet site launched by UK Online for Business.

The information is designed to help small business keep abreast of the latest Internet threats and how to combat them - without having to wade through a lot of jargon.

The site is a joint effort by the UK's Department of Trade and Industry and businesses.

The site draws together a range of tools, advice and guidance on core areas of online security for businesses (www.ukonlineforbusiness.gov.uk/informationsecurity).

The resources section reviews five key security breach areas: viruses, theft, inappropriate usage, unauthorised access and systems failure.

A questionnaire helps a company make a self-assessment of the risk of suffering a security breach.

A glossary provides a jargon-free description of about 90 security terms.

The advice pages cover a range of topics, from e-regulation and funding through to skills, training and tax.

While this particular section applies to UK businesses, the site overall could be useful to small businesses in Bermuda as a sort of starter kit on computer security.

The site also lacks any updated news on current security concerns and how to prevent them.

For that kind of information I recommend the Hong Kong Computer Emergency Response Team's site at: www.hkcert.org.

The European Commission also is set to announce Europe's first cyber-security agency.

Proposals were published this week for a European network and information security agency, which the Commission hopes will raise levels of IT security and act as a central exchange for information on security.

The agency's duties will include co-ordinating the work of public and private computer emergency response teams, and helping to distribute warnings of security threats and information about software fixes.

Yesterday there was a SANS free webcast on legal liability for security breaches.

The information should have been useful for Bermuda-based sites selling into the US.

The speakers included Mark Rasch, a former head of the US Department of Justice's computer crime and intellectual property section, and Hal Pomeranz, a teacher of security techniques.

An IDC study says the cybersecurity market will grow to US$45 billion by 2006, compared to US$17 billion in 2001.

Security hardware is expected to offer the greatest growth opportunity, with a predicted 25 percent compound annual growth between 2001 and 2006.

Another positive sign for the security conscious is the announcement by Microsoft last week that it is developing add-on security technology for its soon-to-be released Windows Server 2003 operating system that will allow organisations to protect corporate documents such as e-mail messages and data files.

The Windows rights management services will be able to enforce protection policies by controlling who can access specific content and what access rights they are granted.

Companies will be able to restrict content copying, forwarding and printing in applications such as portal, e-mail and word-processing software.

What's the latest news on security breaches? This week Omaha-based Data Processors International Inc. acknowledged that millions of card numbers were stolen a few weeks ago when someone hacked into its computers.

The company said the stolen data "did not include any personal information that could relate a card number to an individual".

This week watch out for the LoveGate worm, a variant of a mass-mailing computer virus that began attacking computers worldwide on Monday.

The virus installs a Trojan horse program that allows a remote intruder easy access to a victim's system or network, antivirus experts said.

McAfee Security says the worm opens a port on the infected computer and will send an e-mail notification to the hacker that the computer has been compromised.

The information may include the system password.

The worm propagates itself by replying to messages as these arrive in your e-mail program, including those in Microsoft Outlook.

A program to remove the virus from an infected computer is available at the Symantec Internet site: http://securityresponse.symantec.com

****

Tech Tattle deals with issues in technology. Contact Ahmed at editor@offshoreon.com