A pair of cyber-security speakers at a webinar yesterday discussed the Covid-19 pandemic ‘isolation economy’. They were Dr Jacqui Taylor, founder and CEO of FlyingBinary, a speaker at Davos in 2019; and Andy Watkin-Child, a Chartered Security Professional (CSyP).
The webinar was under the banner of Cybercon London 2021, a conference due to run in London on March 9. The audience heard that coming out of lockdown will make companies realise that we are living in a digital world and our ‘digital perimeter’ is bigger than our organisational (physical) perimeter. We share information all over the place, just as our physical supply chains are all over the place: “But our digital boundaries are significantly bigger.”
Some companies have taken a much more isolationist approach to cyber and technology, examples here being the United States and the Chinese tech firm Huawei; and the defence sector. Andy Watkin-Child, a former global head of cyber risk for Santander, said: “What I have seen in the last two years globally, and it’s now accelerating, is a complete change in the type of cyber regulation. Cyber is becoming such an interesting space. You have the carrot or the stick approach. The carrot has been …. I am not convinced carrot has worked, because there has not been much of a carrot to chew on.”
Cyber costs a lot to install; and it costs a lot when it goes wrong, the webinar heard; costs that an SME firm might not be able to absorb; meaning that companies are not adopting cyber practices.
Earlier Dr Jacqui Taylor spoke of how working from home has become the norm for a billion people; but those most prepared were the criminals. “The biggest cyber risk is now people, in my view,” she said, “which means we need a focus on strengthening our teams as we unlock the isolation economy. But it isn’t just collaboration within our organisations, but across our supply chain …. cyber is an operational risk to everyone.”
So what is the route to recovery, where do we go next? She spoke of a predicted billions of devices connected to 5G networks by 2025: “This is a totally different cyber risk scenario to manage.” As we undo the lockdown, we will need new business models, she said. The approaches that are based on threats will not work for ‘Industrial Internet of Things (IoT)’, she suggested; a risk-based one will.
How to do cyber security – the carrot or the stick, features separately in the July 2020 print edition of Professional Security magazine.
More in the August 2020 print edition.
