13 December 2016
Blogs by author: Bryan K. Fite, Account CISO, BT.
2016 was the year of the hack — but we’re approaching a tipping point. It’s time to stop looking for the elusive silver bullet and start taking responsibility for our cyber security.
2016 — the year of the hack.
As I prepare for the holidays and take stock of the state of ‘the hack’, 2016 will go down as another record-breaking year. Hacks, cybercrime and cyber-physical skirmishes abound.
In case you missed them, here’s my list of noteworthy incidents:
- Ukraine power grid.
- Democratic National Committee.
- Wendy’s Fast Food Restaurants.
- Department of Justice (US).
- Internal Revenue Services (IRS).
- Numerous healthcare organisations.
…and likely numerous attacks yet to be publically acknowledged.
And from just this brief list, disturbing trends become painfully obvious: nobody is safe, even governments can’t protect themselves and, for many hackers, crime pays — with ransomware a particularly lucrative criminal enterprise. So why am I optimistic and excited about the coming New Year?
2017 — the year cyber security will hit back.
I’m not excited because I think things will get any better in the short-term, but because I’m anticipating a tipping point in cyber security. There’s now raised awareness among stakeholders and populations who were previously apathetic, unaware, oblivious or disinterested. Even those without ‘security’ in their job description are beginning to take an interest in their cyber safety.
At this year’s Dayton Security Summit and ISF World Congress, I had some incredible conversations with professionals, neophytes and civilians. Hacking and security has moved beyond an interesting novelty or something to be feared, to the mainstream. Even cool. It’s chic to be geek!
Humans can do amazing things when we’re properly informed and sufficiently motivated. I think we’re approaching a sea change when humans will stop looking for a silver bullet or the cavalry to save them from cyber crime and instead start to practice basic self-defence and due diligence — like when one crosses the street.
Nothing worth having comes easy.
The simple fact that people are starting to talk about these issues, and realise that what happens in cyber space can impact them in the physical world, speaks volumes for our potential. I’m not saying it will be simple or that we are out of the woods — but nothing worth having comes easy.
For too long we’ve assumed the benefits of technology come at zero cost. The truth is, all of the benefits we enjoy from technology and cyber-physical systems, have a (sometimes disproportionate) potential for harm.
Just like when worlds collide, when cyber and physical system elements come together in new and novel ways — connected cars, smart cities and embedded systems — there are intrinsic risks.
Taking responsibility for our cyber security.
It won’t be a single domain, population or nationality that will devise ways to make the world safe and secure, protecting everyone’s private information. Rather, innovative and diverse humans with varied motivations, skills and experiences will ensure that we survive and thrive.
So, as we reflect on the last 12 months and look forward to the coming year, rally behind the banner of 23 chromosomes and hold on tight, the future is now and humans rock!
For more information on cyber security and risk management, take a look at our website. And if you’re intrigued to read more about why ‘humans matter’ when it comes to cyber dangers, my last blog can be found here.