Cyber Security - Is It Identity Theft or Identity Gift? – Part 1
28th October 2015
Following last week’s excellent cyber event (Ever Been Hacked…Off?) - organised by the Milton Keynes Business Resilience Forum (MKBRF) at the likeliest of places, Bletchley Park - I am compelled to spring into action with a blog surrounding the speaker(s) content and the events of the day.
The day of course started with the obligatory bacon butty and cup of coffee, most welcome given the miserable weather.
Following the introductions, the morning’s first speaker was announced by the Chairman of the MKBRF, with the most unusual preamble – “no pictures, no notes and no sharing of content on social media”. Chatham House rules – all I’m allowed to tell you is the speaker from the Centre for the Protection of National Infrastructure didn’t look like Bond, but he had the ability to make your blood run cold with his knowledge.
He covered the following topics in the brief 30 minutes, and he could have presented for hours such was the style and intriguing content, all of which I now have permission to publish:
- Cyber attack types – yes, there are options for how the hackers decide to target you and your business
- Threat Intelligence – yes, he even knew when the hackers were taking lunch!
- Emerging technologies and how data can be mined – are you familiar with ‘social engineering’?
- Business continuity planning in the event of a cyber attack
- Staff training and awareness – is this even a consideration at your workplace?
If I wasn’t worried at this point, we were then treated to Cyber Essentials standards from the Cyber Security Assistant Director, Digital Economy Unit from the Dept. Culture, Media and Sport, just to ramp up the threat level!
At this point in the morning pre-coffee and biscuits, we explored the ‘Tier One threats’ to the UK’s national security and they are GROWING..!
It was interesting to learn that this particular government department has had its budget increased such as the importance of the developing cyber threat. Intent: Culture not Compliance!
We were then introduced to the Cyber Growth Partnership, a collaboration across academia, government and industry. Find out more here.
The Assistant Director then explained the various examples of tools that are so easily available online, and their ‘user’ cost. Now, this was really concerning as we discovered you can buy your own attack tools. My particular favourite was ‘sqlmap’ – an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over a computer – it was all too ironic that the following day the attack on TalkTalk was announced, in exactly this way..!
To summarise part one of this blog, only because there is so much more from the event to report on, it was made all too clear that cyber-attacks are undertaken on an industrial scale, that networks and websites lack security measures preventing penetration, and that the potential damage to a business – Ashley Madison and dare I say TalkTalk now – can be considerable.
In part two we will explore live case studies, integrating Information security and business continuity into everyday commercial processes, and importantly the cost of public failure to manage cyber security and business continuity management. While you're waiting for the next instalment, take a look at the BBC's Six things firms should do to improve cybersecurity.
At SilverDisc, news and events like this are important to us. Website security comes first, as everything else relies on this. We build powerful, secure websites you can rely on. Our web management team each have over twenty years of experience and has worked for government agencies as well as in the private sector on a number of high-security projects. It is SilverDisc’s intention to bring this ‘Ever Been Hacked…Off…?’ event to Northants and for the benefit of surrounding counties, to help businesses Deter, Protect, Detect, React and Recover from cyber attacks..!