“The global competition for information, infiltration and exploitation is real,” opened Ian Thornton-Trump, head of cyber-security at AmTrust Europe, during a rasping keynote on the politics of cyber-crime at a recent Capital One Cyber London Meetup.
Candid. Insightful. Entertaining throughout. Thornton-Trump spoke with passion and depth on the role of security to protect organisations, countries and even democracy itself. From covert operators acting to rig voting decisions to the theft of intellectual property triggering international trade wars, we’re in an unprecedented era of global cyber warfare.
So what can we do to protect ourselves? Well, starting with regulatory compliance certainly isn’t the answer, according to the AmTrust security leader. “If you’re doing security for compliance, you’ve lost the battle. Compliance should be the result of your security measures,” he said.
From a comms perspective, communicating your commitment to securing your employee, customer and partner information is critical. And it can’t just be paying lip service to the debate, or you’ll soon be found out. As Thompson-Trump indicated, state-sponsored cyber-attacks will rarely target government departments themselves, rather going after their supply-chain, partners and the wider eco-system.
With the Kremlin and North Korean governments – among a multitude of others – on the hunt for information and intellectual property, we’re all a target.
Michael Woollett, European sales leader at Jazz Networks - whose analytics platform aims to supplement and replace existing cybersecurity solutions by empowering employees - believes people and technology must combine to protect organisations from such threats.
“Education and training are key to empowering employees to have better security habits but not enough alone,” he said. “AI/ML/UEBA are almost the only alternatives technologies to keep pace with the growth of business systems and maintain security vigilance. There is a distinct need to replace the onerous mundane tasks with technology that can provide automation and enable informed decisions with the context in real-time.”
Today, trust and transparency are high on the agenda for business and political leaders – and the safeguarding of data will be paramount for everyone in this respect. Communicating your data strategy should form part of this objective. Far from putting a target on your back, doing so will showcase the importance you place on privacy and security – something your customers will no doubt appreciate.
We live in a world of competing nation states, proxies of those states and non-nation state actors. This competition manifests itself in any number of ways – conflict, sanctions, restrictions, embargo, assassinations, etc. Clausewitz's suggested “War as politics by other means” so, the natural conclusion is cyber espionage, cyber-attacks and cyber influence operations, are merely manifestations of a policy clash between two or more competing powers or proxies. Or are they?