I know some of my friends and family read this blog and think ‘I have no idea what he is banging on about (except when he’s complaining about Bristol City again*)’ – so, for their benefit and others with similar issues, I’d recommend having a look here at what these people do: www.cpni.gov.uk. This should hopefully give what I do some context, especially if you then go here: www.sophos.com which is the company I work for.
And so on to today’s Blog proper…. The recognition of the Cyber Threat by the National Security Council was the number one news item today. I’ve gone from being the geeky one at dinner parties to the geeky one whose job people now vaguely understand. This makes a pleasant change, and it lengthens the time between me saying what I do, starting the explanation, and the eyes of the dinner party target of my conversation glazing over before then furtively seeking eye contact with someone else on the table. The great joy of this is maintaining the eye contact just long enough to watch them fumble for a question that makes them look interested and slightly understanding, before releasing them to talk in a relieved fashion to the chap next to them who turns out to be an Accountant. It’s the little pleasures that makes these events sooo much fun.
It seems that we in IA have definitely gone mainstream. This is a good thing. The problem has been for a long time that what we do has not been taken seriously, by Civil Servants, Senior Managers and our wives and partners. Now, suddenly, people are clocking the link between the deluge of unwanted Viagra emails in their inbox, and the fact that critical systems are under attack. A week or two ago it was Iranian Nuclear Power stations. Before that it was something else and you can bet your boots lots more goes on that doesn’t make the news. I genuinely believe that we have reached a tipping point. We, as a society, are so reliant on computer systems to make everything tick (e.g. try booking anything and NOT doing it online anymore) that protecting it from attack is as important as protecting the water, gas and electricity infrastructure. A Local Authority was taken out of action for a few days by a single virus because of lax security policy – this should be treated as unacceptable in this day and age. The only excuse for this sort of thing now is technological, and even that is only applicable if you have done everything reasonable beforehand. Soon, Joe Public will understand what this means and it will start asking ‘why does this keep happening?’ and when that happens, the pressure on organisations will ramp exponentially.
The Coalition has stated that the Cyber Threat is a priority, and organisations now need to heed this and step up to the plate. This is no longer the plea of a bag carrying rep working in the software industry, but of someone who believes utterly that the threat is real, now, and more vicious than ever. And frankly, I don’t need to be explaining this to the poor lady to my right at the dinner party. I know she’d rather talk to the Accountant, but once I get the bit between my teeth, only the pudding course’s arrival is going to slow me up.
*Seriously chaps. Cardiff? Please stop it