Print Page | Contact Us | Sign In | Join now
Cyber Security Briefing: security liberates organisations
Share |

 


Cyber security briefing: security liberates organisations

THE SEVERITY and frequency of cyber attacks is the most pressing issue facing the information profession, according to CILIP’s first Cyber Security Briefing.

Sarah, a ­senior representative of the National ­Cyber ­Security Centre (NCSC), gave the ­keynote speech saying the NCSC had dealt with 1,300 cyber attacks in its first year. Of these 590 were classed as significant, 30 ­required cross-government action, and one – Wannacry – was the first ­Cobra-level ­cyber attack. She discussed NCSC’s role and its concerns about the potential impact of cyber crime on consumer confidence, pointing out an Office for National Statistics claim that people are 20 times more likely to be held up on their computers than on the street.

She said that while there were ­issues about preparation for GDPR, its ­introduction will improve our understanding of the cyber security landscape as firms face much harsher fines for late or ­inaccurate ­reporting of breaches. She said that fines issued last year by ICO that came to £1m would be around £69m under GDPR.

Her information specialist colleague described internal practices the NCSC had implemented to protect itself and how it had negotiated its way between security concerns and the ability to operate effectively in the digital universe.

She also mentioned issues around using online tools like Trello, Jira and Conference, with security-minded institutions questioning where data ends up.

The cultural disconnect between security and information professions was also ­discussed with Jonathan Lloyd White, Chief Information Security Officer at Sumitomo ­Mitsui Banking Corporation Europe Ltd. He said: “The security world has a tendency to use technical, law ­enforcement and military terms such as ‘threat ­actors’, ‘kill-chain’, ‘weaponization’ and ­‘obfuscation’ – a good thing in the security lexicon!

“To non-security professions these no doubt seem aggressive, violent and off-putting.” He added that security professionals may be slow to balance the pros and cons of new technology before allowing a move. He said his own experience had been a voyage of discovery, learning how the risks of new technology were often balanced with strong ­security and business upsides, including increased visibility on how information was created, used and stored.

On the same topic, Daniel Selman, Acting Group Data Protection Officer at ­Informa, said that security should be seen as an ­enabler, not as an impediment. He shared an analogy from cyber ­security expert Martin Smith, likening information security to the brakes on a car. ­Without brakes it cannot travel ­safely, the better its brakes the faster it can go. Daniel said that seeing security as the enabler for more ­dynamic activity, rather than its preventer, will help change how it is ­approached.

Karen McFarlane, Chair of the CILIP Board and former Government Head of Profession for Knowledge and ­Information Management, said more ­cyber ­security briefings were being planned in the future.

 

 

Contributor: Information Professional
 
Published:  15 November 2017

 

Related content:   UK eInformation Group

 

 

More from Information Professional

 

News

In depth

Interview

Insight

 

 

This reporting is funded by CILIP members. Find out more about the

 

Benefits of CILIP membership

 

 

 

Sign Up for our non member newsletter
Contact us