Blogathon 29/16: It’s When, Not If

The funny thing is, whenever I mention the words ‘cyber security’ to most folk, their eyes tend to glaze over for a variety of reasons.

The usual reason is that most people think that cyber security is someone else’s job.

And up to a point, yes, they are right.

But it’s a moot point, especially when their own, home-based IT is penetrated.

We expect banks, insurance companies, and in fact, every other ‘commercial enterprise’ to keep the data we have entrusted them with, secure.

It is a reasonable expectation that the corporate custodians of our personal information meet extremely high levels of security.

Why should we not expect the corporates to keep our personal data safe, and encrypted?

Apart from the fact that our Prime Minister, David Cameron, has said he wants to ban encryption in the UK, that is.

But, like all systems, the security in place on it, is only as good as the people who use it.

All it takes is a member of staff in, oh, I don’t know, pick a business department, finance?

Yes, OK then.

All it takes is a member of staff in finance to click on a link, or to open an attachment in an email, and whoops, nasty things happen.

Poor old Solar UK.

Or this sort of horrifying data breach, as happened to uKnowKids.

Or how about this absolute shocker that happened to toy company VTech?

Of course, it isn’t just private companies who experience this internet pain.

There was this incident that happened to poor old Lincolnshire County Council.

Then there was this US hospital that was held to (and paid) a ransom.

Even the US Internal Revenue Service (IRS) isn’t immune to someone clicking on the wrong link, or opening an unchecked attachment.

And hey, guess what, even your smartphone isn’t immune?

My favourite hacking scandal in the last few months was what happened to ‘the cheating website’ Ashley Madison.

I loved that an analysis of the now-publicly available, hacked data, went on to prove that a staggeringly high percentage of the ‘live’ female accounts on Ashley Madison were in fact fakes.

Yep, that’s right you naughty cheating boys, it would appear that they could have been gaming you, for your membership money.

However, even though it doesn’t actually take much, by way of computing resources, to do any of these things, it takes even less effort (and computing) to expose a typical home network.

But as with the corporates, the typical person who grants access to all of your personal data, and your home systems doesn’t usually look like this:

No, the typical person who opens everything up is the person who clicked on the dodgy link.

Or the person who opened that Word (or Excel) attachment.