“Cyber Security is not an IT Problem: This is Something That Affects Every Single One of Us”

For those of you who have been keeping up with my articles, you’ll know by now that I love TED Talks. Particularly those on cyber security, as being new to the industry, I find it the best way to learn. Not just because these professionals are very knowledgeable in their field, but because their content is so interesting, and very often, shocking.

Yesterday, I watched a talk by Rob May, who discussed the problems with the rise of cyber-attacks. I was shocked to discover that, according to May, the biggest criminal activity in the world was in the past, the trading of drugs. However, in this day and age, cyber crime has surpassed it. At this point, I’ve read many an article about the vision of crimes in the future and that many will be cyber orientated, as cyber criminals leave less traces of their activity and thus are harder to catch. However, it wasn’t until it was put into a more relatable and tangible context that the gravitas of this really resonated with me.

A New Problem:

May explains that in 2017, the time in which he delivered this talk, the cost of cyber crime would be $4 trillion, with that cost rising by a trillion every year. Thus, in 2020, following this assumption, the cost is now approximately at $7 trillion worth of damage. Seven TRILLION.

He points out that in this day and age, it’s actually quite common for people and businesses alike to be investing in things such as software and hardware protection; the kind that you install onto your computer. However, what about the other facets of the internet that we don’t always consider?

Mars Bar For Your Thoughts?

He recounts a survey done at Liverpool Street Station a few years ago, one with the aim to prove how easily people will give out personal data. The survey had just 3 simple questions: what’s your name, where do you work, and what’s your network password? Unbelievably, 34% of people filled out the form. Those who said no, however, were asked again with the promise that if they did, the survey hosts would give them a free Mars Bar. 70% of these people then filled out the form. As May said himself, there is a chance that the filled in information was incorrect, yet ‘cyber security is a game of numbers’—only some of it needed to be correct for cyber criminals to work out the rest.

Many of you reading this are probably thinking, ‘well, I would never be as naive as that.’ Hopefully, that is the case. However, there are so many methods criminals can use that wouldn’t even cross our minds. This can be as trivial as using a public Wi-Fi hotspot. It can be so easy for hackers to go to a coffee shop, for example, call their network name the same as the shop and extract all details from those whom they manage to trick into using it. Or, even more trivial, silly posts on social media, telling you what your name would be in certain films by determining your date of birth, or the name of your pet, etc., which are all common questions when forgetting your passwords. We can give out information so easily every day, and we don’t even know we’re doing it.

Be The Change You Want to See:

It’s clear that the mentality in the workplace regarding cyber security has to change. A mere 1 in 5 businesses in the UK carry out some form of cyber instruction, and most of that is in the form of a policy that is mentioned once in their induction. However, May recounts that an intelligent person needs to hear something 6 times to understand it. He also notes that Harvard University did a study, showing that when a businessperson wants to convey a message, they put 85% of their efforts into policies, yet on average, only 3 out of 100 people will receive that message. This just proves that policies are not enough.

Education is paramount. We must teach people to be sceptical and less trusting of people, because as the old saying goes, it’s better to be safe than sorry. In a business, training and education must be embraced and it must start at the top, with the CEOs, founders, and directors. In addition to this, it has to be an ongoing process, because the cyber industry is ever changing and becoming increasingly sophisticated. It is only through reinforcing this message that we can start to strengthen our awareness as a society and protect ourselves from these crimes that are costing us trillions of pounds every year.

Why? Because “cyber security is not an IT problem, this is something that affects every single one of us.”