Cyber is not one of those things I write a lot about. It’s not the easiest of things to build a tale around, yet it lies at the very heart of what we do as organisations. It is a hugely important subject and should occupy the mind of anyone who has a responsibility to lead an organisation. It is a subject that is worrying rather than exciting.
It is not just us, even the national government is on it. You may have seen the recent launch of the National Centre for Cyber-Crime and the National Cyber Strategy. The subject came up at the latest meeting of the North East Combined Authority Digital Leads group. We felt it would be a good idea to note all the different groups that are involved in this important subject across the region. Cyber security is a multifaceted problem and there are many people involved in addressing the problem. Even the Queen gets a look in.
Being multifaceted means this is not just a technology issue. Yes, technology is at the very heart of the problem, cyber cannot run without it yet it can be argued, as with all crime, that it is money and power that is the real cause. Cyber security is a problem because the data we deal with has a financial value. Cyber-crime works. Cyber-crime does pay.
Technology has to play its part but the biggest threat comes from the human element of the equation. It is people that commit the crime and it is people that are the victims. People let their guard down, they are not vigilant, they see security as a disabler rather than an enabler, they don’t like passwords and they tend to worry about security only after the event.
People are the weakest link in the chain and a strong focus is needed on learning and understanding. Security needs to be at a level that is appropriate but if in doubt, don’t, and if it looks too good to be true, then don’t.