Introduction to our Staying Safe Online campaign week

17 Feb 2020 11:25 AM

We will focus on one theme a day with guest blogs, case studies and videos that explore the impact of the theme on the cyber industry.

As we move to an increasingly online environment, which in many cases sees digital connectivity as a baseline, the need to protect yourself online becomes ever more pressing. With an evolving threat landscape, individuals, companies and governments need to think about a range of initiatives and programmes to keep us all secure.

Consequently, techUK’s Cyber Campaign Week will focus on Staying Safe Online, looking particularly at the following five themes and what they mean for your safety and security online:

Each of these themes represents a change to ensuring digital security. We will focus on one theme a day with guest blogs, case studies and videos that explore the impact of the theme on the cyber industry, the wider economy and the country at large. We hope this campaign week will promote and ultimately help to foster the skills required to Stay Safe Online.

Secure by Design

Secure by Design is one of the defining cyber security challenges of the modern era. With the proliferation of Internet of Things (IoT) devices, with recent estimations stating that there will be 420m internet-connected smart devices in the UK by 2021, it is vital that these devices come with security built-in from the outset. While the Government has proposed new legislation that would ensure consumer devices adhere to three rigorous security requirements, there are questions about what the roles and responsibilities of companies should be in securing their products, and how secure any minimum baseline should be.

techUK has engaged with DCMS extensively on these proposals to ensure that future legislation protects consumers, can be effectively implemented by industry, and supports the long-term growth of the IoT sector. We are also providing dialogue with key governmental departments, as they make their systems secure by design.

Cyber Skills

As we move into a digitally-enabled world, ensuring the next generation (and generations already in the workforce) have adequate cyber skills to protect themselves and their colleagues is of ever increasing importance.

There is an urgent need to upskill or retain the current workforce to deal with the immediate cyber security skills shortage. Crucially, this requires increasing the diversity of the industry, trying to attract more talent from neurodivergent backgrounds and increasing participation of women and those of BAME backgrounds,

while also allowing for upskilling and mid-career transfer from the non-digital realm to digital professions. techUK is promoting this work through our Q4theLoo project, and through our advocacy for continual cyber training and youth-focused programmes such as Cyber First and the Cyber 9/12 competition.

Without a vibrant training ecosystem, the cyber sector cannot provide the wider digital economy with the skills required to maintain security and resilience.

Cyber hygiene

Cyber hygiene represents the ways to protect yourself online through good practice and secure processes. Nonetheless, there are questions about what good cyber hygiene is, and how to think proactively about engraining cyber resilience throughout organisations. What impact does good (or bad) cyber hygiene have on security? Do multi-factor authorisation programmes increase security? What are the dangers to Bring Your Own Device policies or accessing secure documents on private servers?

Implementation of good cyber hygiene across the economy, and a strong understanding of what good cyber hygiene consists of, is crucial to reducing the impact of simple cyber-attacks, such as a phishing attack or ransomware. techUK promotes awareness of good cyber practice through several briefings, our support of the Cyber Essentials Scheme and through engagement with government departments.

Emerging threat landscape

The Cyber landscape is constantly evolving, and there are several threat outputs including both those from nation state-actors and cyber-criminals. From app attacks, to crypto-jacking and simple phishing attacks, there are multiple ways malicious actors can access your devices and/or servers.

The average detection time of a cybercriminal attack is 150 to 200 days, and this can cause serious problems. Indeed, research by the US National Cyber Security Alliance found that 60% of small businesses that fall victim to a cyberattack go bankrupt within six months of the attack.

techUK aims to highlight the emerging threats companies/consumers are facing in the cyber domain and emphasises the innovative solutions that the cyber security sector offers to mitigate these threats, be that through the introduction of cybersecurity controls or through innovative technological approaches such as robot process automation, AI, or Data and Analytics.

Data Protection

The importance of protecting private data is something that has rocketed into the public sphere over the last few years. Even as businesses have increased their cybersecurity efforts, malicious actors consistently employ new tactics to gain access to valuable company and consumer data, which they can then either use themselves or sell to a third party. With the implementation of GDPR and requirements for consent of the reuse of your personal data, companies understand that they must go to greater lengths to provide assurance they will gather and store personal data safely and confidentially. Whether this is something as basic as using messaging apps with end-to-end encryption, or having the data stored on private servers, there

are many routes companies can take to ensure the integrity customer data. techUK runs a Data Protection Group for members to discuss these issues in more detail.

This techUK campaign week aims to make wider society aware of the threats they encounter online and the measures they can take, and being taken by others, to increase resilience online. To get involved in the conversation, tweet using the hashtag #StayingSafeOnline