The cyber security market, that is predicated to grow from $75 billion (US) today to $170 billion (US) by 2020 has a bit of a gender issue. Currently only 11% of the worlds workforce in this market are women. A wonderfully researched piece on the website of Forbes magazine this week identified that there are one million cybersecurity job openings in 2016 and women could be snapping them up. The article is based on information provided by a non profit organsition called ‘Women’s Society of Cyberjutsu (WSC)’ who are passionate about helping and empowering women to succeed in the Cybersecurity field. Their research states that 50% of professional occupations in the U.S. are held by women, and that 25% of computing occupations in the U.S. are held by women. That leaves tremendous headroom for women to enter the cybersecurity market. The article goes onto list a wide variety of schemes and programs all focused on assisting women move into this male dominated market and is well worth reviewing.
Another under represented positive demographic in cyber security was making a few headlines recently, namely hackers. For a long time, they have been seen as the nemesis of all those CISOs (Chief Information and Security Officers) who are tasked with protecting the digital assets of their organization. But do they deserve this reputation? or as a piece on the website MobiPicker.com discusses, can they be a valuable ally in the fight against cyber security? I was once told that a hacker is just a curious mind with skills and access to technology. If that mind can be focused for positive, as opposed to criminal, activities then it becomes a valuable resource. The term ‘hacker’ when used in the vast majority of cases indicates that they are all criminals, but that’s woefully unfair. Many have the talent and tenacity to resolve even the most complex and challenging vulnerabilities. Many companies would be well placed, when recruiting for cyber skills, to find self confessed hackers and consider bringing them on board.
An area of the internet that is alien to me is ‘the dark net’, or the dark web as it also gets referred too. This is the place that even Google doesn’t go to – well, if it does then it filters out all the results in my rudimentary searches. The dark net is where a vast amount of illegal activity occurs but the perpetrators can hide their identities. CBROnline recently posted the results of a survey by Ipsos and the Centre for International Governance Innovation (CIGI) indicting that most citizens worldwide want the dark net to be shut down, as questions over the importance of privacy versus safety continue to mount. Over 70% of citizens globally would like to see it shut down, as opposed the remainder who wished to preserve the anonymity and lack of censorship that the dark net provides.
This is another case of privacy over censorship and there is never an easy answer. “The dark web is known for being used by criminals to sell illegal services and items, including weapons, drugs or child abuse imagery. It has even been rumoured that uranium or assassin services can be bought”, as the article states, but does go on to explain that it is also used by journalists, human rights activists, dissidents and whistleblowers who “use these services to rally against repression, exercise their fundamental rights to free expression and shed light upon corruption.” This debate will unlikely find a satisfactory conclusion anytime soon.
A story about the Metropolitan Police Commissioner Sir Bernard Hogan-Howe caught my attention recently as he has called on banks not to refund customers who are the victims of online fraud. He is quoted as saying that the current system where Banks, and other financial institutions refund the losses of individuals effected by online fraud, is in fact not ‘incentivising’ people to protect themselves. I do respect his stance and comments on this as we all have a individual duty to protect ourselves online, in the same way that we protect ourselves in the physical world. The challenge however is that cyber security is still relatively ‘new’ and vast swathes of the population still require education on many of the most rudimentary steps to keep themselves safe.
Banks, software companies, hardware companies and many others are offering more and more solutions to customers and individuals to protect themselves but without education, or recommendation, the average ‘person in the street’ is unlikely to take many proactive steps.
Maybe there is a halfway house here. Take on the recommendations of Sir Bernard Hogan-Howe and if it is proven that the individual has taken no steps to protect themselves then they do not receive a refund should they suffer a loss. Conversely if they have followed the recommended security guidelines laid out by their bank, and can prove this, then they do. Ok, that may be a very simplistic view and open to considerable debate, but what approach works best when it comes to online protection? The carrot or the stick? Maybe one of the people who fills the one million cyber security vacancies will have an answer.
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.