{{ searchResult.published_at | date:'d MMMM yyyy' }}

Loading ...
Loading ...

Enter a search term such as “mobile analytics” or browse our content using the filters above.

No_results

That’s not only a poor Scrabble score but we also couldn’t find any results matching “”.
Check your spelling or try broadening your search.

Logo_distressed

Sorry about this, there is a problem with our search at the moment.
Please try again later.

The world is faster, and more connected, than ever before: that pace and those networks just keep growing.

As individuals, businesses and societies we are now linked in ways that would have been unimaginable just a couple of decades ago, and through these links we are sharing huge amounts of information.

We are living in a knowledge economy where information has become incredibly valuable, whether that is commercial information that would enable a competitor to overtake us in the market, or personal data that is exchanged and exploited by criminals for financial gain.

If you recognise the value of information, then it’s time to take cyber security seriously.

Smartphones are the perfect example of the phenomenal expansion in computing power experienced in the last five decades.

Apple’s latest high-end offering, the 5s, includes 64-bit technology, providing yet more proof that Moore’s Law is alive and kicking even faster than predicted.

The amazing progress of technology has had a huge impact on society and, in particular, our connectivity. In any one day on the internet, 144,000 hours of video are posted on YouTube, 1bn files are uploaded to Dropbox and 200m active twitter users send 400m tweets.

As individuals, we've come to rely on instant access to our social networks and a forever-growing wealth of information at the tap of a finger: 65% of people in the UK would give up alcohol for a year to maintain their broadband connection, 76% would give up chocolate and 78% would give up coffee.

However, the more information we share, the more we open ourselves up to threats. Fraud cost the UK over £73bn in 2012 and the UK is the worst place in world for identity fraud: almost one quarter of UK residents have been a victim.

Organised criminal gangs increasingly use social networks and social engineering to carry out cyber crime. For example, with information gleaned from social networks, criminals can tailor spear-phishing email attacks, making the target much more likely to fall for their bait.

Do you tell twitter when it's your birthday? Can I work out your mother's maiden name from your Facebook Family Tree? Cyber criminals follow wider trends, and so the more we use social networks and share information, the more this habit will be used against us.

This is why the World Economic Forum has stated that “personal data is the new oil of the internet and the new currency of the digital world”.  

Of course, it is not just personal information that is at risk: the internet has also changed the way we buy and sell goods and services, and how we do business in general, making the private sector incredibly vulnerable in cyber space.

The internet helps facilitate $10tn in online transactions every year, and the internet-related market in the UK is now estimated to be worth £82bn a year, with British businesses earning £1 in every £5 from the internet.

The huge value of the internet to business provides opportunities for criminals, as well as competitors, rogue states and other malicious actors. Undoubtedly, your business will store and share information on a daily basis that would be extremely valuable to others. Competitors and criminals are particularly interested in:

  • Personal data (employees and customers).
  • IP.
  • Bid information.
  • Financial data.
  • Contacts.
  • Strategies, plans and forecasts.

It is imperative that organisations secure their personnel and physical defences, as well as their technical ones, as highlighted by the recent £1.3m attack on Barclays Bank in which a member of a criminal gang successfully posed as an IT engineer to plant a malicious device on one of the bank's computers, which the gang then used to remotely access other machines and transfer money between accounts.

It is crucial that staff members are trained in the need to value and protect information, and that measures are put in place to protect against malicious insiders. With the proliferation of USB sticks and bring-your-own-device, combined with a lack of cyber security training in so many companies, it is perhaps no surprise that most cyber breaches are the result of human error (although it is also worth noting that the most costly breaches are carried out by malicious insiders).

The figures are staggering: 93% of large corporations and 76% of small businesses reported a cyber security breach in the past year and the cost of a breach is estimated to be between £110,000 to £250,000 for large businesses and £15,000 to £30,000 for smaller ones.

These financial costs, of course, do not include the huge reputational damage caused by your business hitting the headlines for failing to protect one of its most vital assets, information.

Cyber attacks can come from anywhere, as the Barclays case shows, but social networks and highly sophisticated spear-phishing emails are increasingly being used. 

If an attacker can gain the trust of their target, just for as long as it takes to click a link, then a huge amount of information, and money, is at stake.

For example, when Coca-Cola was in talks with China’s largest soft drinks manufacturer, China Huiyuan Juice Group, the Deputy-President of Coca-Cola’s Pacific Group, Paul Etchells, gave little thought to a link he clicked in an email which he had seemingly received from his company’s CEO.

Unfortunately for Coca-Cola, the email was malicious: it had not come from the CEO and the link was loaded with malware, which enabled the attackers to access emails and steal passwords to set themselves up as administrators on Coca-Cola’s network, and therefore become privvy to an awful lot of very sensitive information. Coca-Cola’s $2.4bn acquisition of China Huiyuan Juice Group quickly fell apart, and the attack was subsequently blamed on state-backed Chinese attackers.

Over ten years ago, the internationally-renowned security technologist Bruce Schneier saidonly amateurs attack machines; professionals target people”. This has not changed in the last decade, and the attacks have become more sophisticated the more we share.

As individuals and businesses we put a lot of information out there: be careful with it.

Jessica Barker

Published 30 September, 2013 by Jessica Barker

Dr Jessica Barker is a cyber security consultant and a guest contributor Econsultancy.

2 more posts from this author

Comments (5)

Avatar-blank-50x50

Oriol

This is a very interesting view on security. We are suppliers of Barcelona Mobile World Congress since 2005 and we provide a solution to this concerns, a secure smartcard, Safe Keeper Card fot pc and Safe Keeper Card mobile for mobile Andorid devices users. Because we produce this two smartcards we will not write here a letany of good adjectives related to them. Instead, just check on us at safekeepercard.com and if you have any questions just feel free to contact us at comunicacio@akrocard.com or at marketing@akrocard.com

almost 3 years ago

Avatar-blank-50x50

Maggie

Oriol, after reading the above, do you honestly believe that we will click anything in your badly written email?

almost 3 years ago

John Waghorn

John Waghorn, Content Marketer at Koozai Ltd

Good post on an issue that’s not often explored. From a company perspective, I think cyber security is an area that’s easy to forget for smaller or medium sized businesses. Larger companies and organisations will obviously have stricter regulations as part of protocol.

We live in a world where we are constantly connected, so security really is fundamental. When you observe the stats that you mention in your article about files being downloaded and videos posted on YouTube it only reinforces the scale of the online world and the threat that actually exists as a result.

almost 3 years ago

Jessica Barker

Jessica Barker, Cyber Security Consultant at J L Barker Ltd

Thanks, John, great to hear your feedback.

You won't be surprised that I completely agree about the importance of cyber security and the fact that unfortunately it's overlooked too often in organisations. I wrote this article because I think the 'why' is so important.

I'll be writing more on cyber security for Econsultancy so I hope you watch this space!

almost 3 years ago

Avatar-blank-50x50

Adisa

Nice write up, especially protecting against malicious insiders.

almost 3 years ago

Comment
No-profile-pic
Save or Cancel
Daily_pulse_signup_wide

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Daily Pulse newsletter. Each weekday, you ll receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.