You know when an InfoSec topic hits party conferences that either a) they’ve run out of things to talk about, or b) it’s quite important.
This year, the Lib Dems have raised the topics of cloud security and the IT skills shortage.
The first theme addresses the constant background topic of the US Patriot Act. The Act effectively means that if you store data in the US, the authorities can rifle through it without asking you. Since this is undesirable at best, it drives the conversation for UK Public Sector (and probably lots of private sector organisations too) to look at UK-based cloud, or a private cloud. To my mind this rather negates the use of ‘Cloud’ as the correct terminology, since by any definition cloud means without geographic location. Indeed, this is one of its key selling points.
The Obama administration has committed that a quarter of its IT spend for the next few years will be on Cloud-based projects, which is dandy when your geography covers three time zones. However in the UK, Cloud starts to look a little weedy as a concept when major data centres are at best only ever going to be 838 miles apart and that’s not even as the crow flies.
Private cloud, G-Cloud – it looks like it’s all coming to a head soon with the publication of the G-Cloud strategy, but personally I still have reservations. The Lib Dems have been right to raise it, and it needs more thought. Shared Services yes, virtualised hosted apps, yes. Cloud in its truest sense? Still no as far as I can see…
Of more strategic importance however is the skills shortage. I’ve mentioned this before, but let’s be clear. The UK is walking into a future of importing technical skills, as we have a generation of people that do not really understand IT. The current crop of 15-25-year-olds are totally comfortable with consuming IT in its many guises. Who hasn’t nearly been bundled over by someone sporting earphones and furiously texting whilst walking along the street? (In their defence most people I know of my age do this too, thereby sealing the argument on my ‘yoof’ credentials). This however, does not demonstrate an understanding of technology, anymore than driving a car makes you a mechanic.
Basic economics dictate that a shortage of supply increases prices, and given we have been rather lackadaisical about teaching people on this topic, whereas places like India and China spend countless millions training their kids, we are looking down the barrel of increasing prices and importing talent. And from an insular point of view, are we keen on foreign nationals being the mainstay of InfoSec deployments?
So, kudos to the Lib Dems for understanding this and pushing it. UK plc needs to focus on these topics to enable us to deploy economically, prudently and securely, and I fervently hope that both the Labour and Conservative parties look to deploy similar policies.