Here are some of my early observations as a noob on the wacky world of cyber security.
(1) It’s complex. Lordy is it complex. No one really seems to understand it. We don’t even really grasp the scope of the risks. That explains why even our hospitals are vulnerable to relatively simple cyber-attacks. That should worry us shouldn’t it? If all the PhD’s in the industry don’t get it, what chance do we have? To paraphrase Whoopi Goldberg in Ghost :-
(2) We’re told North Korea is a backward nation, cut off from the world & isolated from everyone. Yeah – even if they are, they still managed to (digitally) pull the pants down on businesses & organisation across the world. What does this teach us? Well, we are told that cyber-crime is a relatively easy game. That’s not good. Also, it gives an amazing new avenue for any Bond villains redundant since the Cold War.
(3) I went to a cyber security event last week. I came away with a stack of brochures. And some branded socks. For some reason, everyone was giving away branded socks. One of the big messages was that there’s a skill shortage. The industry goes on & on about this one. Metaphorically, they’re hammering pieces of wood over the windows and locking the doors, they’re so short of qualified people. And yet, as a noob, there are multiple qualification & accreditation paths & little in the way of a structured route into the professional for career changers. Basically, it stinks of professionals that have a vested interested in keeping the pool of qualified talent limited. The only real growth is in people to write more articles about how short the industry is of qualified professionals.
(4) A snotty but smart teenager who spends a lot of time in his bedroom can bring the FBI & the US Army to its knees. Seriously, if these guys can’t defend their digital baggage then why bother renewing that McAfee subscription. (Seriously though, do keep your virus protection updated. It does do something, apparently.)
(5) No one cares about data until it goes where it shouldn’t. Edward Snowdon taught us this. Of course, a few people worry about it. But, most of us need a saline drip just to stay alive in any data protection training. It’s just below going to the dentist on everyone’s ‘what I don’t want to be doing’ list.
(6) There are lots of different aspects to cyber security. I learnt this from a brochure. There’s the network stuff – that’s all I really knew about. There’s the software angle. Even the people angle. Who would have thought it? I met the National Cyber Security crew from MI5 at the conference. Their ethos is ‘a pratt with a USB stick is just as dangerous as a Russian hacker with a bit coin account.
(7) Finally, block chain is nothing to do with plumbing. I read an article on it but still do not understand entirely what it is. I know it’s good to drop into conversation if you work in tech circles. You should also try Gamification. That’s another good one. Block chain is a buzzword. We should really find out what it is.
If in doubt – What the F*&* is Blockchain?