We must stop cyber criminals causing chaos
THE presence of a generation of fintech entrepreneurs on the honours list, firms that prospered when banks were on the naughty step, is a sharp reminder to existing businesses of how tech challengers can eat your dinner.
From finance to land transport and from grocery shopping to media buying, disintermediation (cutting out the middle-person) is the name of the game.
But in much the same way as new financial organisations, such as Samir Desai’s Funding Circle and the internet bank Atom, can change the way we do things and are creating valuable new businesses – taxi disrupter Uber is valued at £34bn on some models – so they remind us how dependent we are on technology.
Indeed, much of the technology we already have is deeply flawed. The big high street banks, with their tens of millions of customers, are in a constant struggle against the upstarts. Royal Bank of Scotland is still wrestling with one legacy of the Fred Goodwin era – IT systems that frequently let customers down.
We saw in 2015 how frightening it is when systems go down or are raided.
The reputation of challenger, no-frills telecoms firm Talk-Talk and its chief executive Dame Dido Harding was wrecked when it was hacked. There were fears (later unproven) that its whole customer base had been raided, exposing customers with a threat to personal security. Even the act of signing up to regular updates on activities at the Wetherspoon pub chain was unsafe because some of its networks were not robust.
The innovators are constantly coming up with new ideas that ought to make services cheaper and more efficient. As they challenge the existing corporations and these enterprises rush to catch up they become more vulnerable to cyberattack because systems developed long ago to deal with the mass market are not ready for more sophisticated applications.
The clash of new technologies with old, fintech versus traditional banking, and the security of systems will be among the great issues for business in 2016.
Accounting firm KPMG (which had legacy problems at Fifa, HBOS and the Co-op Bank to deal with) noted 7.5m cyber offences last year and it predicts 2016 will see cyber crime feature in official statistics.
What is really frightening is the variety of possibilities for cyber harm. Among the most worrying is the arrival of ‘extortion’ attacks.
Companies so fear reputational damage from digital leaks they will do anything to protect themselves. This includes paying ‘ransoms’ rather than going public with the data loss. It is the equivalent of big oil giving money to Nigerian terror groups to stop them siphoning crude from pipelines.
KPMG reckons that in 2016, instead of broad-based attacks the cyber criminals will be more sophisticated, aiming at people of wealth, corporate treasuries and commercial banks. It will be more a case of Brinks Mat rather than hoping there is something at the till in the local branch.
What is most terrifying, perhaps, is the range of targets. VW has suffered an almost terminal event for trying to cheat people over emissions and performance. What this demonstrated is the potential for attacks on all things technological, from connected cars to medical devices.
SIMILARLY, everyone talks up the ‘cloud’ in optimistic terms, and companies specialising in this form of storage – salesforce.com and Amazon – have seen share prices rocket because of their command of this technology.
Yet it is by no means clear that the cloud is really the safest place for public institutions, such as HMRC or the NHS, to be storing the vast amount of data they have on our personal affairs.
More robust ‘incident response systems’ are required, argue security analysts Open-Sky.
The list of vulnerabilities is endless, and hackers and cyber criminals always seem to be one step ahead of public sector organisations. Our priority ought to be to make sure that cyber protection becomes an important part of national and corporate governance.
A prosperous and safer New Year to all our readers.