Why Cyber Security Matters

bigstock-Business-Model-On-A-Notepad-Il-36895549We are going so many places at the same time when it comes to the internet, cyber security and cyber crime.  I often wonder where the next problems will come from.  This musing has taken me to this point.

We are living in a time when knowledge is the most, perhaps the only, important thing.  Knowledge is critical for businesses to stay competitive, and for governments to govern effectively.  It’s crucial for individuals, too.  We are in a knowledge-based world, and this trend is only going to accelerate.

If knowledge is power, then the more knowledge I have, the more power I have over what is happening out there in cyberspace.  In any one day on the internet 144,000 hours of video are posted on YouTube, one billion files are uploaded to Dropbox, and 200 million twitter users tweet 400 million times.  The internet is an important part of most people’s lives, and their online identity is stored in the form of information.

With this wonderful ability to share everything we do on the internet, isn’t it time we put some though into protecting the stuff we don’t want to share—the information you wouldn’t want falling into the wrong hands?  Today’s smartphone has more computing power that the whole of NASA had to put Neil on the moon.  Isn’t it about time that we respected that power?

If you think your data isn’t that valuable, think again.  Criminals and competitors are after the following three things:

·         Personal information

·         Client information

·         Business information

They are looking for the basic stuff—name and address—all the way up to your price book, you intellectual property, or how you answer request for tenders for Government Agencies.  Information is power.  The right information in the wrong hands can be disastrous for all concerned.

Apart from the outsiders, the external criminals targeting your information, there are also the insiders to worry about.  The disgruntled employee who was passed over for a promotion might decide to download the company information and take it home on a USB stick. 

Your business could lose control of its most valuable assets—and you wouldn’t even know it.  The information of today is small enough to be moved around unobtrusively.  You can move gigs around on a thumb drive the size of your little fingernail.  If there are 100 kilobytes to a page, then you are talking about millions of pages of information.   The slowest part of the theft is the amount of time it takes to copy it onto that drive, and even that is lightning fast compared to ten or twenty years ago.  Once it’s copied, transport is no problem.   Years ago that would have been a huge job to move and steal, but today you could walk out of the office with the local library on your thumb drive (or uploaded to the cloud).

So, what’s the problem with cyber security today?  Our mindset hasn’t kept pace with the rapid changes in technology.  We are still applying historic attitudes to today’s internet.  In the past, information was all stored on paper.  It was relatively hard to steal, and the more of it you wanted, the longer it took.  Today, one slip and I have copied everything about your business, before you even know anything is wrong.

The solution is to change our mindset.  Intuition often fails to warn us about the new dangers of the information age.  Instead of relying on intuition, we should educate ourselves.  If you know the value of your information, and the risks of losing it, you’ll be better able to protect it.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.