Barely a week goes by without some mention, in the press, of a major cyber incident. Whilst a few years ago the incidents being reported were generic “malware infects 10,000 of users”, today we see widespread reporting of targeted cyber operations.
Users now face an unprecedented threat, both from malware targeting their personal machines, and targeted attacks against the services they use and trust. To defend against these threats, new technologies are being invented allowing more dynamic categorisation of attacks and making use of the huge online community to cloudsource information about potential attacks.
This never ending battle between the attackers, be they criminal, hacktivist or politically motivated/funded, and those on the defensive side; security experts, researchers, commercial companies, and government agencies; is endless.
This shouldn’t surprise or worry us unduly, as long as there has been things worth stealing, there has been crime. But we do need to stay aware of the latest threats and constantly look to “up our game”; improving the quality of the engineering which underpins our lives.
In the last year most major world governments have woken up to this wide range of threats and begun programs of cyber investment; with the aim of substantially improving the defences of both government and commercial computer systems.
One area where this effort has proved most challenging is within the mobile space. Traditionally the response was to ban mobile devices from buildings, but increasingly the huge business benefit they can provide is causing this approach to be rethought. We’re increasingly challenged to find innovative ways to allow use of mobile devices in security concious environments.
To defend government systems into the future we need innovative and inspirational technologists to work alongside our world class experts, in devising and implementing new defensive technology. Due to the broad range of potential attack vectors there is ample opportunity for those with a security concious mindset, regardless of technical specialism; database, application, mobile, embedded and even reverse engineers are all needed to protect against the advanced threats faced by government.
– Richard Cooper, Platform Security Lead, Her Majesty’s Government Communications Centre
Create a solution that addresses one or more of the three key aspects of security:
- ensuring that the content of communication is confidential and secure from interception by 3rd parties;
- that the communication channel is available and resistant to denial of service attacks; and
- that systems provide high integrity, allowing you to be confident that the other parties involved are who they say they are.