THE FUTURE OF CYBERSECURITY

Wilton & Bain and Kaspersky Lab were delighted to host a lively, informative and convivial evening to discuss the challenges of Cybersecurity in today’s data age. We were joined by Paul Johnson CIO at Aldermore, one of the UK’s foremost challenger bank success stories, who provided an insight into the challenges faced by industry.

“Cyber threats are a plague that respect no national boundary, corporate or institutional fortress or any definition of privacy”

Piers Marmion, Chairman, Wilton & Bain.

Paul confirmed that the rapid evolution of technology over the decades, and the exponential explosion in the quantity of data generated, shared and stored, has created significant challenges for data security and given rise to onerous regulatory requirements. The juxtaposition of managing this risk, while striving for agility and innovation, is a modern day organisational challenge.

As organisations mature from basic e-commerce offerings to more sophisticated digital business models, and ultimately the advent of robotics, the Board’s need for assurance around access control and data security grows. In order to move along the digital maturity curve, securing revenue streams and differentiation through digital channels will require an aggregation of services, which do not typically reside within traditional business models.

Risk vs. Agility

The amorphic nature of malware and ransomware- some random, some targeted, some highly sophisticated, andsome crude, require constant defence. The need to understand where your data is coming from and going to requires wider assets than most internal organisational resource can provide.

Staying secure will necessarily require expert assistance best delivered through trusted partners. The strategic role of the CIO must ascertain what services and expertise are required in order to balance the security risk without destroying innovation.

The Role of the CIO

Sergei Novikov, Head of R&D at Kaspersky Labs reiterated that the threat landscape is becoming more pervasive and sophisticated. Both the number, and complexity, of incidents for individuals and enterprises is growing, not least with the increase in the use of personal devices and cloud services, which are easier to infiltrate. The targeting of cyber attacks is also becoming more sophisticated as high profile attacks on critical infrastructure are more commonplace. However, the exact scale of the problem is difficult to quantify as many attacks go unreported for fear of reputational damage. One estimate suggests the annual cost of cybercrime could be as high as US$575bn (McAfee, 2014).

The Cost of Cybercrime

There are a couple of key challenges in combatting cybercrime. Firstly, consumers and some enterprises, particularly SMEs, do not fully comprehend the nature of the threat and therefore how to defend themselves appropriately. Secondly, there is a global shortage of cybersecurity expertise to fight against malware players who are increasingly sharing their products to extend their reach.

The first step must be education and raising awareness levels. For organisations, the weakest point will always be the employees. Policies need to be dynamic and constantly communicated. CIOs have a responsibility to own and mitigate the risk by implementing the best available technologies and solutions,. This is no substitute for driving a culture which behaves in an informed, cyber-secure way.

The Challenges - Awareness

The challenge of increased regulation around how businesses are allowed to handle personal data (GDPR) elicited interesting debate on the topic of who actually owns personal data, an issue made more complex by the adoption of IoT. How an organisation handles personal data is an intrinsic element of the relationship between a company and its customers. Transparency is key to building trust with consumers.

Younger generations don’t seem to show any particular concern for who sees their personal data and have a similar disregard for protection. This provides easier access for cybercriminals and weakens the entire data ecosystem. Conversely older generations can be ostracised from goods and services through a lack of understanding of technology, and over-concern over the use of their personal data. Again, education and awareness is paramount to building a common sense based pragmatic and secure approach.

The Challenges - Regulation

Similarly, GDPR will undoubtedly impact how organisations develop new products and services. Regulations that are designed to keep consumers’ data ‘safe’ can hamper the development of innovative, tailored offerings, thus diminishing commercial return. Striking the balance between managing risk and encouraging innovation is a key management challenge in data driven economies.

In summary, the digital age has given rise to a new style of invisible criminal. The first line of defence is around education and awareness of the risk, particularly informing customers and employees of safe practice. Regulation around data protection is prevalent, but the application of appropriate safeguards ultimately sits with those who are manipulating and storing data. It rests with the CIO to be accountable for the risk, and build a secure data environment,subject to constant review. One thing is for sure, cybersecurity will remain the foremost 21st century risk for the foreseeable future.

Summary

© Wilton & Bain 2016

The Wilton & Bain Group  is a global leadership advisory boutique which provides executive search, interim management, management consulting and recruitment services. 

As a challenger brand, we have been a forerunner in this market for over 15 years, working alongside some of the world’s leading companies.

We specialise in the Information Technology, HR, Media, Professional Services and Financial Services Industries, delivering outstanding leadership teams for the most innovative companies globally.

As a result the company has achieved exceptional growth over recent years and in 2013 were recognised in the Sunday Times fast-track 100 as the 67th fastest growing company headquartered in the UK.

© Copyright of The Wilton & Bain Group 2016