To get started, click accept below to bring up the cookies management panel. Next, tap or click on the Personalization button to turn on the chat feature, then Save.
Bill Mew is a key opinion leader, digital ethics campaigner and entrepreneur. As a key opinion leader, Bill focuses on striking the right balance between ‘meaningful protection’, where he has been ranked as the top global influencer for data privacy, and ‘the maximization of economic and social value’, where he is also one of the top influencers for everything from cybersecurity, and digital transformation to govtech and smarter cities. He also appears weekly on TV/Radio (BBC, RT, etc) as an expert on these topics - more broadcast airtime than any other technologist in the UK.
As an entrepreneur, Bill is the founder and CEO of CrisisTeam.co.uk, where he works with an elite team of experts in incident response, cyber law, reputation management and social influence to help clients minimize the impact of cyber-attacks.
Complex challenges of cybersecurity
There are some challenges for which there is a simple, quick and easy solution, but most of our most significant challenges arise from threats that can only be addressed by changing our behaviour and sustaining a long-term commitment.
The 2021 Allianz Risk Barometer* lists the top business risks that leaders need to watch out for this year. Three of these risks stand out from all the rest: 1) Business Interruption, such as from supply chain disruptions, 2) Pandemic Outbreak, such as health and workforce issues or restrictions on movement, and 3) Cyber Incidents, including cybercrime, IT failure/outage, data breaches, fines and penalties.
Such massive challenges require long term commitment to changes in behaviour. Nowhere is this more true than in a further challenge faced by society as a whole - climate change. Sustainability may well be the mantra for reducing our impact on the environment and reaching a new carbon-neutral equilibrium where we are no longer making things worse. It can also be applied to the level of commitment that will be required to achieve this - an all-encompassing commitment that we will need to be sustained for decades to come if we are to meet our climate goals.
Similarly, the pandemic, COVID-19 and all its variants, have required massive changes in our behaviour. We are likely to need to sustain many of these for some time to come. Thankfully though, there are masks and vaccines that can offer some protection and provide some light at the end of the tunnel. Nevertheless, dealing with current and future COVID variants is going to mean that many of these behaviours will need to be incorporated into a new way of life. Things will never go back to how they were, but there will be a new normal.
Cybersecurity is not just a tick-box
In many ways COVID, while the most immediate challenge, is actually easier to address than some of the others. There are no masks or vaccines that will make the climate challenge any easier. And while there have been a few COVID variants, on the cybersecurity front new vulnerabilities and malware variants are discovered almost daily. It will never be easy to sustain our commitment and focus on such endless challenges, but it is necessary never-the-less.
It is all too easy to take a tick-box approach to data protection, compliance and cybersecurity or delegate responsibility for these issues to individuals within an organisation and expect them to take full responsibility for it all. It is equally easy to take out cyber insurance and think of this as a substitute for adequate cybersecurity. The problem is that cybersecurity is everyone’s responsibility and it requires sustained commitment from us all.
So, what does “sustained commitment to cybersecurity” mean … and what does it not?
Sustained commitment to cybersecurity is not a tick-box exercise ... it is an organisation-wide cultural approach to valuing and protecting data.
Sustained commitment to cybersecurity is not just something that you delegate to the tech department ... it is a responsibility shared by absolutely everybody within the organisation, from the users that undertake phishing training and use multi-factor authentication (MFA), to the executives that provide adequate funding for cybersecurity and that actively participate in simulation exercises to test incident preparedness, as well as the IT and compliance teams.
Sustained commitment to cybersecurity is not a single solution exercise ... it is something that is applied from end -to- end across the whole of your organisation. While antivirus tools and methodologies like Zero Trust are a good start, they need to be supplemented by detection, backups, encryption and a great deal more. And while encrypted communications is important, so is encryption of data at rest on servers, on storage devices and even on SSDs and encrypted USB.
Sustained commitment to cybersecurity is also about investment in skills. Cybersecurity skills are in short supply and retaining staff with the right skills can be a real challenge for smaller organisations. Thankfully some vendors are providing support to smaller organisations that lack the necessary specialist skills. An example of this is Kingston Technology’s Ask an Expert service.
Sustained commitment to cybersecurity is not just a short term exercise ... it is something that needs to be sustained forever. After all, the landscape is constantly changing. New vulnerabilities and threats are being discovered almost daily. Cybercriminals are relentless opportunists. And the consequences of getting it wrong are considerable.
Sustained commitment to cybersecurity is not the same as having cyber insurance ... it is an absolute requirement that cannot be substituted. Indeed regulators have warned that you shouldn't ever confuse cyber insurance with cybersecurity. Cyber insurance is only ever supplementary to cybersecurity and incident response, and never a substitute for either of them.
Commitment is key to cybersecurity success
This kind of comprehensive, sustained approach may seem daunting, but it is essential as cybersecurity is an asymmetric threat. We have never been as reliant on technology or as interconnected as we are now, and hence so vulnerable. And while you need to sustain your defences all the time to ensure that your defences are adequate all the time, the attackers as opportunists only need to be lucky once. It could be a single phishing email or a single compromised USB drive that lets them in.
According to the Allianz Risk Barometer, global cybercrime is already causing a $1 trillion drag on the economy-a 50% jump from just two years ago. And things are getting worse. Recent supply chain attacks, such as the Hafnium attack on Microsoft Exchange servers and the Solarwinds hack, have impacted tens of thousands of organisations and we have seen an increase in the number and severity of ransomware attacks.
If cybersecurity is not already a boardroom issue at your organisation then it needs to be. And if you are not focused on a sustained approach to this challenge then this also needs to become a priority. Increasing numbers of organisations who have failed to recognise the threat, have instead faced the consequences - don’t let your organisation become another victim.
#KingstonIsWithYou
Ask an Expert
Kingston can offer you an independent opinion on whether the configuration you’re currently using, or planning to use is right for your organisation.
Self-encrypted SSDs
We offer advice on what benefits SSDs will bring to your specific storage environment and which SSD is most suitable for your mobile workforce to ensure you are working securely on the go.
The importance of organisations to consider Revenue, Profit & Risk as equal in organisations to ensure they mitigate data security & cyber security risks. Read this article from Industry Expert, Bill Mew & he will provide you with an insight on this topic.
Choosing the right SSD for your server is important since server SSDs are optimized to perform at a predictable latency level while client (desktop/laptop) SSDs are not. These difference result in better uptime and less lag for critical apps and services.
What strategies can organisations use to best secure customers data in a post-GDPR world with the ever-evolving nature of cyber security threats? Kingston pooled the knowledge of some of the UK’s most experienced commentators in cyber security to discuss how data protection has changed since the introduction of GDPR.
You already know that remote working is a business enabler. But the challenges posed to your network security and compliance with GDPR are too big to ignore.
End-to-End Data Protection protects customer’s data as soon as it is transferred by the host system to the SSD, and then from the SSD to the host computer. All Kingston SSDs incorporate this protection.
This program offers the options most frequently requested by customers, including serial numbering, dual password and custom logos. With a minimum order of 50 pieces, the programme delivers precisely what your organisation needs.
Everyday working life has changed radically and so have traditional ways of working: thanks to mobile storage media, we can access our data practically at any time from any location, and can work on our data wherever we are.
Heathrow Airport in London (30 October 2017) uses unencrypted USB drives for its non-cloud storage. Unfortunately, it was not standardized on encrypted USB drives.
Testing is a cornerstone of our commitment to deliver the most reliable products on the market.
We perform rigorous tests on all of our products during each stage of production. These tests ensure quality control throughout the entire manufacturing process.