Last month, I attended a special breakfast event on Data Security. The event included talks from data security and counter-terrorism specialists. Working in IT, I am constantly aware of the importance of keeping data secure. In addition to networking with other IT professionals, I wanted to educate and broaden my knowledge and understand of data security.
Technology has changed how organisations operate. From bricks and mortar to the digital age, technology has brought many advantages. However the disadvantage is the vulnerability of an organisation’s data, to potential misuse and cyber-attacks has increased substantially. The event gave me a useful and disturbing insight into how there is a general lack of knowledge and failure, to grasp the size and nature of cyber-attacks that can occur both internally and externally. In addition, there were some other interesting points that interested me, which included:
- 80% of data stored by organisations is unstructured data (data not contained in databases).
- Most security vulnerabilities are found in third-party applications.
- Portable devices or end points (laptops, smart phones) hold 28% of organisational data.
- Human factors need to be taken into consideration in data security.
- CEOs’ are now being held more accountable for data losses in their organisations.
- Cyber-attacks are regarded as a Tier-1 threat to National Security by GCHQ. This is the highest level of alert!
- Different cyber-attacks range from espionage from other countries to commercial competitors.
- Cyber-attacks are real and present a clear and present danger to UK plc!
- The UK Government has a website providing advice on cyber security, which can be found here http://www.cpni.gov.uk/
Securing data is a complex puzzle requiring a multi-layered approach. This requires a complex solution of products, procedures, human awareness and clearly defined written policies. In addition, solutions must be specifically tailored and integrated effectively, to address the security needs of customers, whilst balancing usability. Tailoring is important, as organisations will have different security requirements, depending on different factors such as IT infrastructure setup, organisational structure, environment and geography.
Data Security is not only important to protect an organisation’s reputation and brand, but also the national infrastructure, and the threats posed by cyber-attacks must not be taken lightly!
Guest blog by IT Enthusiast and Technical Professional Ben Cross of Liverpool Direct (part of Liverpool City Council)