Cyber awareness and the International Cyber Expo
In the lead up to September’s International Cyber Expo, CTB speaks to Lisa Ventura, award-winning Cyber Security consultant, founder and CEO of the UK Cyber Security Association and International Cyber Expo advisory board member.
One aspect of the International Cyber Expo is looking at pandemic cyber challenges. What would you describe as the biggest security challenge from the last 12-18 months?
Ransomware is definitely one of the biggest challenges that has arisen over the last 12-18 months. From the Colonial Pipeline ransomware attack to Solar Winds that affected their whole supply chain, and most recently the Keseya ransomware attack, no organisation is immune to an attack of this nature. The UK Cyber Security Association is part of a campaign called #RansomAware launched by Talion which aims to highlight the growing ransomware threat and is a movement to stop cyber shaming, share intelligence and fight back against the onslaught of ransomware attacks.
Even with furlough ending and business picking up, many organisations are now adopting hybrid working measures for staff. From a cyber point of view, what are the challenges associated with this?
As many organisations will be adopting a new hybrid way of working for their employees, it is vital that from a cyber security perspective they are as protected as possible. Introducing devices back onto corporate networks that have been on home networks carry some risks and having a hybrid workforce presents many unique challenges. With employees using their personal devices at home, work networks are more vulnerable to threats than the traditional working model. Having multiple layers of security is a great defence against breaches, and at a minimum you should ensure that you have a VPN, Multi-Factor authentication, encryption, firewalls and antivirus installed. In addition, all employees should have cyber security awareness training as standard.
How can organisations ensure that cyber awareness is equal amongst all employees?
Cyber awareness training is a strategy used by IT and security professionals to prevent and mitigate user risk. These programs are designed to help users and employees understand the role they play in helping to combat cyber security breaches. Effective cyber awareness training helps employees understand proper cyber hygiene, the security risks associated with their actions and to identify cyber attacks they may encounter via email and the web.
Research suggests that human error is involved in more than 90 per cent of security breaches, so cyber awareness training can help to minimise risk. An effective awareness training program addresses the cyber security mistakes that employees may make when using email, the web and in the physical world such as tailgating or improper document disposal. Ensuring that training is given across the board to all employees is crucial to the success of any cyber awareness training strategy.
As more adaptable technologies become integrated into our lives, more new jobs will also pop up. What are the new skill sets that will be sought after in the near future?
Even before the coronavirus pandemic, technologies such as artificial intelligence (AI), machine learning, data analytics and cloud computing had been growing rapidly over the years (even decades). But in the short space of just a few months they have become essential in today’s society amid the coronavirus pandemic. With such a driving force behind these technological adaptions, demand has grown exponentially for both jobs and individuals with the skills and knowledge which meet the needs of digitally transformed industries and sectors. Some jobs with new skill sets that we are likely to see in the future include Machine Learning Engineer, UX Designer, Robotics Engineer or Cloud Engineer.
Many people view physical security and cyber security as two separate responsibilities. Is this right? Or is a combined approach and understanding more beneficial?
In the past, relying on physical locks and security features was normal. There was no such thing as digital locking systems and CCTV was rather primitive. Today, things are completely different, and since the Covid-19 global pandemic there are now a whole new set of security needs due to the mass move to working from home. This move has left many office buildings empty which has left them wide open to be prime targets for burglaries and break-ins. It is therefore important to combine both physical and digital security in order to ensure your business remains secure even if your office doors remain closed due to lockdown. Ensuring a good mix of physical and digital security is key for maximum protection.
Registration is now live for International Security Expo and International Cyber Expo
Highlighting the growing need for cyber security readiness and the complex environment security professionals are now operating in, the newly launched International Cyber Expo will open its doors at Olympia, London from 28-29 September – providing invaluable opportunities for face-to-face networking and a chance to discover the latest thinking and solutions designed to mitigate cyber threats.
Co-located with the highly acclaimed International Security Expo, two leading industry events under one roof will provide attendees with the perfect platform to identify the very latest technology and services to protect the digital and physical future. Aimed at government officials, cyber policymakers, export leaders and CISOs from around the world, the event will help improve the security and resilience of national infrastructures and business continuity with representatives from the communications, energy, utilities, finance, government, health and transport sectors all in attendance.