Does cybersecurity need just a little more passion?
How do you go about building a better mousetrap? This question is often thrown out at a range of meetings, from school Design & Technology lessons, through to corporate strategy and team building gatherings. Is the mousetrap a perfect resolution to the threat of vermin infestation? Can it be done better?
This question is actually not about the mousetrap at all and when it is posed the ensuing discussion usually arrives at the conclusion that in order to build a better mousetrap you firstly require a genuine passion for the eradication of mice.
If you have passion for a subject, then you will overcome all the hurdles, you will level out all the speed bumps in the road towards your utopian destination. If you have ever experienced passion then you know how all-consuming it can be, you get into a genuine state of flow and no longer does it feel like a burden, more a calling. Now I don’t mean to get all ‘life coach’ on you here, but could cyber security benefit from an injection of real passion?
The IT industry does not have the most dynamic of reputations, with the exception of what happens at the keynote events of Google, Apple or some other industry behemoth, and despite how IT has actually changed the world, it has not really gained the professional credibility or respect of more established professions. If IT as a whole suffers from that reputation, then cyber security is ITs annoying little brother.
There can be a whiff of international espionage about cyber security, that gives it a bit of glamour, but it’s really not enough to inject the levels of passion into it in order to generate the confidence in the end user that this battle against a rising crime wave is actually going to be won.
I have been very fortunate to meet, interview, discuss and debate with many of the leading lights in the cyber security industry and I can say without fear of contradiction that they are dedicated to mitigating the risks facing us all. Their attention to detail, their work ethic, the continued focus on closing off more and more exploitable vulnerabilities in the widest range of technology deserves recognition and the appreciation of all who have been protected by their work. I just want to see and feel some passion.
Passion induces confidence, that the seemingly impossible can become possible. That not only will threats be neutralised, but future protective measures will be impossible to compromise. But would anybody be willing to stand up and engender the passion and confidence needed to win over an ever increasingly sceptical general public that the criminals will ultimately be defeated.
I have witnessed passion regarding cyber security once and it came from an unexpected source. During a presentation on cyber liability insurance, a subject that even the most committed professional may find lacks a certain ‘something’, the presenter picked up a laptop and took a hammer to it! Right in front of us all, smashed it beyond repair. Why would he do such a thing? Because he wanted to make the point that companies are willing to insure products, products that can be easily replaced, but were less inclined to insure their data. It is the data that has the value, not the receptacle in which it is contained. Therefore, and as this memorable demonstration showed, insure your data from loss, compromise and from theft.
That was passion, that was somebody standing up and saying that the current mindset on, of all things insurance, was no longer fit for purpose in this new cyber charged world.
Thanks to the continued efforts of all in the developing cyber security industry I have every confidence that in years to come cybercrime statistics will start to fall. Admittedly they may get worse before they get better, but in the end this invisible threat will be managed and contained to acceptable levels.
We will build that better mousetrap? Yes, but I just hope that it is built because of a passion to eliminate this most modern form of destructive vermin.