Cybersecurity or cyber resilience as I prefer to call it is occupying a lot of my time and mental space these days. I think about it during the day, I mull it over during the evening but having it for breakfast is another matter yet when the Journal, one of our local newspapers, put on a breakfast event on the subject I thought ‘why not?’
Working to try and coordinate related activities across the region is one of the pieces of work that I have picked up. It was a well organised event even though I arrived late and missed the bacon sandwiches. (I am supposed to be semi-retired after all!) The room at the Centre for Life must have had eighty to a hundred people there. Of course, I new several of them. These are the circles in which I move.
Cyber is an interesting if not confusing subject. Like digital, it is one of those concepts or subjects that people talk about yet means different things. Each of the panel members brought their own perspective to the issue. Here are a few:
- There is no such thing as cyber security, only cyber resilience.
- 50% of all SMEs have suffered from a cyber security breach (The others don’t realise it yet!)
- Assurance, budget and adoption are the three big challenges
- Microsoft spends 6% of its budget in security apparently
- Adoption is the new training
- Being cyber savvy creates business opportunities, raises profile, shows intent and delivers accountability
- The main threat from a cyber breach is that your name becomes synonymous with bad security
- Without fail, it is the senior people who fall for a phishing attack
- Enacting behavioural change is what is needed yet it is hard
- Beware of who is using your fitbit data, you never know how it might affect things like insurance in the future.
At the end each member of the panel was asked of one piece of advice that they would most like to give to combat the cyber threat. This is what they said:
Maryam Mehrnezhad from Newcastle University – Don’t be scared of being trained in cyber security, it is not as hard as it seems.
Michael Easom from North P&I Club – Assess your risks and talk to your people.
Asam Malik from PWC – Adopt a mindset of when it is going to happen and not if it is.
Colin Gillespie from North P&I Club – Prioritise cyber at board level.
Dan Hoggan from Mediaworks – Make everyone aware of the threat and their responsibility.
Helen Brain from Square 1 Law – Know what data you hold.
I made sure I went and spoke to as many of the panel as I could. You never know when they might help.