Cyber Security has become a critical competency for most businesses and despite increases in spend, an increase in complexity and a shortage of talent means the threats are bigger than ever.
Wired tell us that in 2017 we have seen an inordinate number of cybersecurity meltdowns, Cisco tell us 44% of security alerts are never investigated and McAfee tell us we need to “reduce asymmetry of information between us and adversaries” (get smarter).
This is tricky when your adversaries are state sponsored; the Wannacry ransomware which caused so much trouble for the NHS is attributed to North Korea.
Artificial Intelligence is being used to detect security breaches, but is also capable of causing them too, and incidentally, can perform better than a group of lawyers at predicting case outcomes (allowing for caveats).
The majority of cyber related incidents are still down to human fallibility:
If you put all your important files on a USB stick, and drop it in the street thats an issue that could have been mitigated if the the device been encrypted.
‘ComboSquatting’ exploits user behaviour rather than technical backdoors.
Password re-use is a perennial issue. Employees use around 190+ passwords to enter 140+ times in a given month, racking up an estimated 36 minutes of password data entry during that time. Thats 7 hours a year you could be doing something much more fun.
The National Cyber Security Centre has released handy tips for UK businesses and some enlightened organisations from Global to The Daily Telegraph are starting to share knowledge; or maybe we just need a hard surface and a finger, an awesome shirt, or a really unusual bracelet?
*Thanks to Bruce Perrett for his contribution and Gilbert Verdian for being a model.