The former daily newspaper, The Independent, ceased its print edition last month but continues online. It published something earlier this week that I thought was essentially an oxymoron – a map of cybercrime. Surely cybercrime happens online, thus is devoid of any specific geographical connection. The map that they refer to was developed by the financial technology firm Intelligent Environments and does make for interesting reading. It’s headline statistics stated that those living in London are the most likely to have been victims of cybercrime, with 27 per cent saying that they had been effected. This was followed closely by residents of Norwich on 23 per cent and then Birmingham, Bristol and Manchester with 21 per cent.
They pointed out that Birmingham is Britain’s city most concerned with cybersecurity, with 57 per cent of residents concerned their online banking details will be stolen. It does seem that this survey, understandably so, focused on mainly financially related cybercrime, specific to individuals. As we know cybercrime can involve information, intellectual property, personal details and more. Would it be even possible to map all of that? I wonder if there is a correlation between the financially related cybercrime that was surveyed and other statistical information, such as wealth, or connectivity, or education? Hopefully some statisticians will take this data and then cross reference it with something else to determine the reasons that cybercrime is peaking in certain locations.
What it did show is that in general over 50% of those surveyed are concerned about becoming victims and would like more advice and assistance. For those of us working in and around the cyber security industry it’s easy to forget that there are still millions of consumers who really need help. If I had been the author of the survey, that’s probably the headline I would have gone for.
The human error element of cyber security gets discussed all the time, in every briefing, report, conference speech and blog. Information Age discussed it again this week, stating that by 2020 it is estimated that there will be over 4 billion people online, coupled with the Internet of things (IoT), will mean that there could be as many as 26 billion devices interconnected around the globe. In amongst this growth the weakest link will remain as the human. Why? Well as Information Age say “People are inconsistent. Some care about protecting themselves online, while others do not realise the dangers which exist. Some are cautious about opening email attachments, some are not and often live to regret it”. Thieves understand this and exploit the human element, especially when humans are pressured by deadlines, targets and other office related issues that demotes concerns on security to a lower level of priority.
The answer, as always, is about training, influencing and persuading people to be aware. Cultural change, developing everyday practice and making people safe online will all help, but there is no denying it is going to take time – but is there enough time between now and when we have the predicted 4 billion people connected? That’s down to businesses and individuals to decide for themselves on a case by case basis. Now that may sound like a glib comment to make, but if you can cast your mind back a few years when eCommerce came about some companies embraced it, some didn’t. Some businesses missed the boat forcing them to shut up shop, some made it a core part of their sales strategy seeing it as an opportunity for growth and greater prosperity. These lessons will be learned again as cyber security becomes part of a business strategy. There will be casualties and then there will be those who benefit greatly from providing their customers, suppliers and employees with a safe and secure working and trading environment.
Trying to make data something that is tangible and precious is a challenge for even the most creative individuals. Even the computer companies themselves still represent data on our computers as little stacks of documents in order to help relate it to the real world. This week I read a new metaphorical look at data and how it is a precious commodity. It was posted on the IBM Security Intelligence web site and stated to treat your data like you would treat your precious daughter who is going on a date. They gave a list of 4 key topics to consider and understand, covering issues such as trust, when not to settle, knowing where action is taking place and passing on the right ‘tools’ to deal with arising and challenging situations.
Now this may sound like ‘dumbing down’ the message, but in fact I think it’s hugely effective. Using something that is precious to an individual and relating it to cybersecurity certainly will get the message home and will stick with people long after the obligatory training sessions are over. Perhaps blend that with a cyber crime map of Britain : Don’t let your data go out on a date with an untrusted individual in a cybercrime hotspot!
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.