‘Governments spend a lot of time thinking about what they used to call critical national infrastructure, now they call Critical Information Infrastructure, says Sam Tilston, CEO of Cyber Security specialists, Awesome Resources. ‘It is time that people and companies did the same about their data.
Imagine if the mobile networks of the UK were all blocked at the same time by a mega virus. Imagine if the national electricity was hacked and turned off. Imagine if control of the air traffic control system was seized by terrorists. Governments spend a lot of time imaging these kinds of things and making contingency plans for what they would do about them. That means thinking about what is critical to the security and well being of the people of a country that is delivered via information systems. Then working out how to defend them.
‘Most people and many companies still do not think about their own critical information infrastructure and how to protect it. What we tend to find at Awesome is that clients calls us after the crisis has taken place, after the fake news is out there, after their laptop is hacked. Many companies are the same: when the malware closes them down, they call us in. Imagine if states behaved like that and waited for the attacks to take place before trying to put systems in place to defend themselves. ‘Well, says Sam, ‘we believe that a person or a company that does not take their own critical information infrastructure seriously is leaving themselves wide open to attack.
The basis of the approach that Awesome is pioneering is proactive. Everyone needs to stop and think about what the most important digital elements of their lives are and how to defend them. That might mean the traditional cyber security approach of ensuring that you have up to date virus protection and firewalls, that you do not let others access your devices, that you do not do online banking on a public network. ‘Awesome can of course put all these things in place but we suggest that if a client is worried that they might be vulnerable to attack they become proactive, they set up systems to monitor who is looking at them and where they are from. If they are subject to attack it is not enough to know that it has happened, you need to know where that attack came from so you can understand why it is happening.
Individuals need to do this kind of thinking just as much as companies but it is surprising, according to Sam, how many companies are still into passive defence or worse, simply put in place software solutions without thinking about people. ‘Some of the worst cyber crime attacks of all time were perpetrated by a person with a memory stick popping it in a server and uploading a virus.
But our information infrastructure is wider than just the systems and the devices we use: it is our digital reputation and footprint. ‘Not all attacks are based on virus or malware, increasingly the attacks that do most damage to a brand or an individual, are based on fake news, lies online that feed the 24/7 Twitter driven reporting which then changes the order of results you get when you put yourself into google. The implications can be deals that fail, relationships that end and brands that collapse. ‘At Awesome we believe in proactive reputation management; it is part of the defence of your critical information infrastructure. It entails ensuring that you know what is being said about you, ensuring that everything you say and present through social media is under your control and it means responding to and rebutting fake news that appears about you.
The world has changed. We all recognize that but the old saying from military studies applies. The danger is always that you will be fighting the last war and not the next one. Unless you inject some of the proactive tools and processes that companies like Awesome specialize in, then your reputation and the reputation of your company or brand is at profound risk: www.awesomeresources.co.uk