By Huw Martin
During my many years as a struggling student I spent much of my time travelling between Derby & Manchester seeking fame and fortune – with the misguided belief that I was going to be famous – with my mighty band Reluctant Buffalo (thankfully prior to the internet, before you go Googling!)
During that time I lived in various student flats, and for the most part felt pretty safe. The same can’t be said for some of my band-mates who had a few minor challenges – one involved in an armed robbery in a bank in Whalley Range and the other robbed at knife-point on a bus in Manchester, but that’s a different story!
Bizarrely the most secure I ever felt during these years was whilst working as a temp security guard for EB Dog patrols in a derelict school in Moss Side.
Where am I going with this long winded tale you may ask?
The reason I felt secure was not that my beautiful canine (I can’t remember his name but it was something like Dave or Colin) was a killing machine, but it was the perception of strength that gave me confidence irrespective of the dog’s more likely action which would be to lick my attackers to death as opposed to biting them.
The same can be said of any type of security – especially cyber security.
Criminals looking to steal something will look for the path of least resistance and the same applies to cyber crime.
We were co-sponsors at the recent #ScotSecure conference by Scot-Tech in Edinburgh and heard from a number of speakers and delegates about the challenges and opportunities facing companies with regard to security. The speakers were consistent in their messages that we all at some point will be targets of cyber crime in the years ahead.
Plan for when, not if.
The days of leaving your house door open so ‘Graham the Milk’ (Valleys folk will understand that reference!) could just wander in are long gone! We now protect our homes and businesses from physical attack, so what are we doing to protect against the inevitable breaches that will come from the threat of cyber criminals?
Detective Superintendent Steve Wilson from Police Scotland shared with us some of the really worrying stories ranging from activist hackers who break into systems just because they can, to organised criminals who have taken to this new form of criminality like ducks to water, and terrorist groups using bitcoins and ‘the dark web’ to fund or shield their illegal activities.
The sophistication of these gangs is as stunning as its frightening, and is no doubt one of the major reasons why police forces across the globe are having to deal with jurisdictional challenges on a daily basis to try to enforce the law, whilst also skilling up as quickly as possible to combat this ever-evolving threat.
The other key speaker was a passionate Welshman called Tony Neate from Get Safe Online who spent his time reminding us all that fundamentally we are all targets, and that the most basic of transactions and interactions can have a negative outcome unless we all take precautions. Whether it’s protecting your PC or devices with antivirus software, ensuring your children are protected while they’re using social media, or your securing your business against the sophisticated attacks from criminal hackers and fraudsters.
One thing that Tony mentioned which I found particularly interesting is that he has created a separate online persona, whereby the details he gives and leaves online are slightly inaccurate, so that people can’t pretend to be him. Whether is a subtle spelling of his name or a different name entirely, this means fraudsters can’t build a fake Tony, as he’s done it himself! Its an interesting shift, seeing that now perfectly honest people are now creating fake personalities as well as the criminals!
Also among the delegates at the conference I met someone who worked for an IT security company. He had multiple gadgets, spoke passionately about technology and cyber security, and yet doesn’t ever buy anything online. What? Excuse me? You’re a tech savvy individual at a tech conference and yet you don’t buy anything online?
This intrigued me as I’m all too quick to top up my Starbucks or PlayStation accounts with money from my bank card. I’m sure we all will be stunned by the amount of digital fingerprints we have left out there on the web. It worried me that this person may know something that I don’t – its like the analogy of only panicking on a plane when you see the flight attendants looking worried!
So what can we do?
In the words of a boxing coach – protect yourselves at all times.
As a medium-sized business who has a huge range of customer and employee data, we rely on trusted partners to keep us safe from security threats. As businesses we can try to protect ourselves, but as the speakers at ScotSecure all were keen to point out, it WILL happen to us all – it’s just how to minimise the risks and be able to respond once it happens.
As individuals it’s slightly different as the risks are huge (I don’t have an outsourced company providing advice and guidance in everyday life). Identity management/protection seems to one of the major challenges we now face. Given the example above of how real people are now faking their profiles as well as fraudsters, it seems the web is going to continue to be a challenge for people to know what is real and an opportunity, and what is fake and a threat.