Cyber Security and Data Management - Interview with John Davies
John Davies, of Cardiff-based Pervade Software, discusses cyber security and data management.
How is cybercrime changing, and why?
Very few people recognise that the cyber security phenomenon that has steadily grown in our collective psyche for the last five years is fundamentally about crime. We hear so much about hackers and ‘hactivists’ hunching behind their computers that we do not see these people for what they are – criminals.
There are two factors that are particularly important when trying to understand a criminal. The first is the idea that one must “get inside the mind” of a criminal in order to really understand their motivation and be able to deduce and predict their next action. Detectives as diverse as Sherlock Holmes and Luther all amaze us with their ability to relate to the murderer or thief and play them at their own game.
The second is the notion of “follow the money” to uncover the identity of a criminal, because even so-called crimes of passion very often have financial gain at their roots.
Unfortunately, our fixation with the computers, the software, the Internet, the dark web and the gadgets that cyber criminals use tends to draw our focus of attention away from the reality of what the cybercriminal is actually doing. In the aftermath of a cyberattack, we get caught up in the technological wizardry that made the attack possible and the need to find a computer-based solution to the hack.
Like all dedicated criminals, cybercriminals are constantly trying to dream up the next big job or puzzle out the details of their next daring heist, and this will always put them ahead of the rest of us who can only sit and wait for the attack to take place.
So, instead of concentrating on the tools of the trade, like trying to decide exactly what lock pick someone used to open a door, we need to be focusing on what makes cybercriminals want to open locked doors in the first place.
What training and education options are available, and what approaches to education are most effective?
This is where the notion of getting inside the mind of the criminal comes into its own.
We know that hackers can make the best cyber security specialists. In fact, there is a widely accepted belief that most serious hackers work Monday to Friday in cyber security teams for big companies and then hack on the weekends.
Education and training needs to be focused on reality of cybercrime, embracing the fact that it is first and foremost a crime – not a puzzle to be solved using correlation rules, algorithms and artificial intelligence. This thinking has formed the basis of the new project-based undergraduate course at the University of South Wales, delivered out of the newly-formed National Cyber Security Academy. Helping students to experience cybercrime and cyber-security work in the real world, they work directly with victims – the companies who are trying to deal with the effects of cybercrime – and those who develop cyber security products and services, to develop a fully-rounded appreciation for the challenges they will be expected to tackle when they graduate.
What do small businesses need to know?
Recently we have seen a huge rise in bullying or extortion attacks being aimed at smaller companies. It is far easier to get a thousand small businesses to pay £100 than it is to get a large corporate to pay off a £100,000 blackmail threat.
These attacks are indiscriminate, but to tackle them is to understand the sort of cybercrimes that are taking place so that small businesses know what to keep an eye out for and prepare themselves for the possibility of it happening. They must also understand what to do if they get caught up an attack, then have simple plans in place for how to respond and get back to normal as quickly as possible, making restoring from backups and business continuity as familiar as a fire drill. Far from requiring expensive defence systems, it is simply about being robust and resilient enough to pick yourself up quickly after being knocked down.
But the best possible advice to small businesses is to prepare themselves for the possibility of these attacks happening. Thankfully, this has been made easier through the availability of a best practice framework, developed in the UK, and readily available for all companies.
The Cyber Essential Scheme has been designed to prepare businesses for 80% of known cyber threats and serve as a beginner’s course in cyber security awareness. Compliance with these measures could prove invaluable for small businesses, helping them to iron out any vulnerabilities and make sure they have the best possible systems in place.