I was sitting in my office reading the news last week and had a very pleasant moment of surprise when I read about the UK government’s decision to put cyberattack into the group of highest priority risks the country faces. The United Kingdom is the first country in Europe to openly do so and this decision deserves praise beyond measure; praise now for having made it, and additional praise in about one to two years, if the risk profile of relevant government functions or organisations is actually reduced by the measures that will be implemented. Furthermore, the UK government is setting an example across Europe for other nations to follow, thereby leading the way in securing:
- Attention and awareness among decision makers in government and the private sector.
- Jobs, if organisations implement measures to protect know-how well and reasonably.
- Tax revenue, as companies that are outflanked by other countries’ organisations or governments stealing product know-how usually disappear from the market within a time- frame of one to three
years (depending on type of know-how and speed with which the stolen know-how can be exploited), or at least struggle to keep their market position (and also their employees).
- Life; the dependence on IT in many government functions and the private sector has become so pervasive that human life is not only threatened in the case of a cyberattack being carried out by a foe in war (be the foe symmetric or asymmetric), but also by cyberattacks on critical infrastructures, and last, but not least, simply by IT systems acting strangely due to a malfunction.
There is a further aspect which should not be overlooked: in times of austerity and hardship, those (be they companies, governments or individuals) determined to have an edge over others will try to gain this with an increased tendency to act unethically or illegally and by all possible or available means; to avoid having to deal with an incident and all its side-effects ranging in impact from “just unpleasant” to “existential threat”, the cyber-way should be closed to them, not open.
In cyberspace nobody can actually “rule” the waves, but we can certainly avoid being slaves of the consequences of cyberattacks or cybercrime.
The author welcomes comments, opinions or challenges to the views expressed. Please send these to firstname.lastname@example.org.