Cyber Security Show: Security the new "keeping the lights on"

At the second annual Cyber Security Show in London – convened under Chatham House Rules – we’re told that security incidents cost 100,000 jobs a year in US, and the percentage of IT’s budget spent on security has risen from a mere 5% a decade ago to an average of 17%. This can even rise to 40% in certain industries.

This cost and complexity is killing innovation. It seems where once “keeping the lights on” was the biggest killer for IT, the scale of security is now the biggest issue holding CIOs and their ilk back. The audience was told a story about a client who had spent a large amount of money on a security solution, only for it to be unopened and left in a cupboard a year later.

The perpetrators

So, who are the main perpetrators in today’s security world? It’s not as clear cut as often thought.

Though “hacktivists” are often the most easily identifiable and highest profile in the media, the conference is told these can often be “false flag operations” and are in reality nation-states hiding under an easily-waved banner. At the same time, many intelligence operatives apparently double as “weekend warriors,” selling their services to the criminal organisations they are paid to stop during the week.

The criminal organisations themselves are said to showing a greater interest in online crime due to the fact there’s more money, less danger and reduced repercussions from the law – especially if targets are located in other countries.

Terrorists were also reported to be showing an increase in cyber activities; from intelligence gathering and recruitment to infrastructure damage and even traditional profit-driven methods such as ransomware.

And of course there are the ever-present lone wolves and insiders; the glory hunters, mercenaries, and disgruntled or careless employees.

The answer

So what is the solution? There are repeated calls for greater information sharing between organisations, and an emphasis on the people; better education, more communication etc. While on the technology side, analytics (both predictive and behavioural) is said to show promise, as is machine learning. Increasing costs for hackers was always cited as a way to make yourself a less appealing target. Some even say systems based on Blockchain technology, the ledger protocol that powers Bitcoin and described as “a system that’s been around for eight years and never been hacked” could prove fruitful in security efforts.


Further reading:

What will be the single biggest security threat of 2016?

The IoT “time bomb” report: 49 security experts share their views


« Cloud research: Ransomware, CISOs & new regulations


VR vs. 360-degree video: When YouTube moves immersive to 'live' »
Dan Swinhoe

Dan is a journalist at CSO Online. Previously he was Senior Staff Writer at IDG Connect.

  • twt
  • twt
  • twt
  • Mail


Do you think your smartphone is making you a workaholic?