The Week In Review : 16th September

ncsc_wir_logo_16092016What’s the most annoying thing about technology? Ok, that might induce a barrage of emails, so rather than ask a question, let’s make a statement. Passwords have to be one of the most annoying aspects of technology. Do you agree?

Everybody has multiple passwords, for home, for work, for shopping, for accessing pretty much anything and despite all the advice out there many people still like to have a password that is “12345” or something equally hackable. While we are at it, how many people write down passwords on a Post-It note and stick it on their desk? This might be almost ok at home, but in the office it’s a definite no-no, however I have yet to visit an office, and I visit many, where I don’t see this paper based ‘cyber breach’ on full display. But what is the alternative to passwords? Are we stuck with them?

The website business.com posted a piece on how to go about ditching passwords and the alternatives that are worth considering. They point out that “passwords are actually causing hundreds of millions of dollars in losses for the economy and can even pose a risk to national security”.

They go on to quote the CEO of Wiacts, a company that offers alternatives to passwords, who says “A majority of recent information breaches occur because of errors in identity management. Hackers’ favourite method is to steal or break through a password”. A truer word has not been spoken, but are companies who still find it challenging to manage they identities of their employees ready to deploy dual factor authentication, biometric authentication or some other alternative? I don’t think so. Unless it’s simple and non-invasive people will always resist it, or find a way around it. People will always be the weakest link in this chain.

The terms ‘cyber security’ and ‘government’ you would think has some glamorous overtones, but apparently not. According to a story on the Government Computing website, that references a Ministry Of Justice blog, it’s just ‘not cool’ to work in government cyber security.

It appears that there is a frustration within the Ministry Of Justice at the difficulty in hiring security engineers with the most appropriate skills for the job. Successful candidates view government IT to be a massive legacy monolithic monster and security-minded folk who can think originally still don’t think working for government is cool.

What’s the solution? The story suggests that that government should go out of its way to make security work as attractive as possible, let them work flexible hours, let them work from (nearly) wherever they want and to be shown how their efforts can make a difference. Isn’t that what any modern day worker wants from any job? Regardless if it is in government, or within the realms of cyber security.

You would think with the heightened awareness of cyber security issues in the business world that it would be high up on the agenda when new companies are founded, or looking for investment, not the case according to the website Entrepreneur (India).

They illustrate how in their opinion within a business start-up generally the concern is not cyber security. The goal is to get to market and to make the product functional and likeable. Does this mean that start-ups still believe that functionality is more important than security? If the rise of IoT is anything to go by, then yes, but now they are starting to suffer with many stories coming to light on how insecure many IoT devices truly are. A mindset shift is needed. Security is as big a selling point as functionality.

Cyber security is a mindset, it’s a necessary cultural shift, be that on treatment of passwords and identity management, on how cool it really is, or when starting out in business. We all ignore it at our peril.


For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInPin on PinterestEmail this to someone