A cyber related story that seems to keep coming back is the one that states that the answer to shortfalls in current technology is to add more technology to it. On the face of it that sounds counter intuitive but if it’s the ‘right’ technology then perhaps it has merit.
Cyber only becomes serious in an organisation once a breach has occurred, the same as security systems being purchased after a burglary, however if technology was placed at the front end – i.e. in an area were it could predict an attack, then that may get the attention of those who hold the purse strings. Artificial Intelligence (AI) is not a new concept however with the significant increase in computational power, storage and data accessibility it is being touted as having a potential use in the predication of cyber crimes. Will a time come when we have completely autonomous AI systems looking for the subtle changes that lead to a cyber attack? Probably not, it will more than likely work in collaboration with cyber experts. A better way to see it is the same way that technology is used to predict the weather, it can give us indications and map out potential scenarios, but still requires the experience of an expert to put it into context – and even then it’s not going to be 100% accurate.
As the UK population loves to discuss the weather, I will resist the urge to carry on with weather based comparisons, however we do love to compare the UK (including its weather) to our European counterparts. We can now compare ourselves on another topic – cyber crime – and according to Raconteur, the UK is “the computer crime capital of the world, from the victims’ standpoint if not from that of the perpetrators”. Referring to a survey published by Trend Micro, Raconteur stated that cyber attacks in the UK are almost 40% higher than the European average. The overall trend, they state, is that it’s going to increase as the attacks become more professional due to career criminals and organised crime taking over from the amateur hacker and opportunist.
You know those creepy films that crop up around Halloween where kids toys come to life in order to perform some terrifying act? This sadly has moved (to a degree) from the fictitious to the factual, due to the rise of connected toys. Although this story has been doing the rounds for a while, it does bear further consideration. Reading an article on the Statesman website they explain how a cybersecurity firm examined in detail the risks associated with a smart toy from the company Fisher Price. This toy, that was a stuffed animal targeted at children aged 3-8, connects up to the internet via WiFi. They found that the companies then stored customers’ information on their networks that could be accessed by unauthorised users. It must be pointed out that once highlighted the problems were fixed and the company did state that they had no evidence that any data had actually been stolen however it does show that irrespective of the device, no matter how cute and cuddly it may be, security needs to be considered.
Any form of data breach, cyber attack or compromise is traumatic enough for any business, however to make matters worse legal cases are starting to follow in their aftermath. As the terrible TV advert once stated ‘where there is blame, there is a claim’ seems to be holding true in this field as the fallout from both the major breaches at US retail giants Home Depot and Target have resulted in class action lawsuits. Fortune magazine discussed this topic and illustrated a few steps that executives can take in order to minimise their exposure to such lawsuits. When the lawyers move in is this a sign of validation for cyber crime as a very real threat? Maybe the answer is to apply some AI to it, after all can you actually take legal action against a computer? Please don’t answer that.
For links to all these stories and more, or to contribute with some comments join us by searching for the National Cyber Skills Centre on our social channels of FaceBook, LinkedIn and Twitter, or just click the relevant links from our website.