I wrote this in 2013 after moving to the U.K. to help push thru what we now call GDPR. GDPR was supposed to go into effect in March 2014 but it was stalled in the EU Parliament. Its interesting what changes can occur in 6 years if government is on board and industry stops scaring and starts educating
After 6 months of meetings, presentations, practicums, conferences and you name it on Cyber or Information Security; I think I have figured out the mind set of UK and European corporations towards it. It’s just not a concern warranting any action. It’s that simple!
This is supported by a recent BT poll that said only 17% of corporations interviewed listed cyber security as a priority.
Don’t get me wrong, people are interested. Every speaking engagement or practicum we host, it’s a packed house, some participants even call back to say how much fun the real world practicum was to attend. A lot like those murder-mystery dinner parties where one of the guests are killed and you have to find the killer. Those things never happen for real and neither do the cyber-attacks we just experienced.
Despite, daily media reports about information theft or cyber enabled crime, like the hacking of the Port of Antwerp by drug dealers or fake repairmen putting keystroke loggers on Barclays computers or even News of the World hacking cell phones and emails for stories, companies just don’t care.
I’m guessing many are thinking this cyber-thing is just a fad and it’s no real threat and it will go away. Like the Nazi’s did in the 1930’s.
Maybe it’s because they don’t want to take lessons from the U.S. Over 800million customer records and pieces of proprietary data were stolen from companies in the US in 2014. But that will never happen in the UK or Europe right?
It’s the US and they have the NSA who hacks everyone according to the media. We can’t trust them. But, maybe “hack” is too strong a word. If companies in the UK and Europe are not doing anything to secure themselves then is it really hacking? It seems it’s more like online window shopping, if you can “surf” by a company and see that its data is easily readable, aren’t you going to read it? German PM Angela Merkel is talking with the French about building a cyber-wall around the EU to stop the window shopping from the US but that just means those within the EU wall can look in on rival companies, right?