Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Evening Standard
Evening Standard
Comment
Peter Firth

Cyber attacks are on the rise, so we must keep up with the IT crowd

The Channel 4 sitcom The IT Crowd is about an aspiring executive – Jen Barber – who is charged with running the digital operations of a fictional corporation called Reynholm Industries.

In episode one, she discovers that her new department isn’t located in the salubrious heights of the company HQ, but down in a grotty basement. And it gets worse. Her staff comprises two dysfunctional IT technicians. This pair of socially inept fixers peevishly squabble on the phone to workers upstairs or bewilder them with obtuse jargon. Sound familiar?

The gags in the show have aged well(ish), but the premise has not. Workers in charge of IT systems might once have been a marginalised subculture in corporate life, but now there’s more to occupy them. Like multiplying cyber threats, fast moving changes to policy and sudden upgrades to tools themselves.

If the writers of The IT Crowd decided to set a series in 2023, it would be more realistic to place the main characters in corner offices on the main floor. In an uncertain world, Chief Information Security Officers (CISOs) are on an even keel with the top brass.

Threat upsurge

Cyber threats are multiplying – fast. In 2022, attacks increased by 38 per cent globally on the year before according to CheckPoint Research, the intelligence arm of a cyber software company.

Stats pertaining to the UK show that where security is concerned, lightning often strikes twice – or, rather, once every seven days. Figures from the government show that 31 per cent of businesses and 26 per cent of charities suffering attacks are hit at least once a week.

It might be tempting to assume that a new-fangled innovation like AI will offer a cure-all. In truth, the secret to repelling bad actors is more human. That is, a clued-up CISO with a squad of experienced hackers.

Haris Pylarinos is CEO of Hack The Box, an upskilling platform for cybersecurity professionals. He founded the company in 2017 after realising that mitigating threats is more about developing skills (like lateral thinking, imagination and problem-solving) than it is about applying knowledge.

“We recognise that the human element is the most important factor in cyber security,” he said. “Generally, repelling cyber threats requires a lot of thinking. It involves a lot of awareness, understanding all the clever ways criminals might try to fool you in order to gain access or data from you.”

Policy problem

There’s an equally urgent issue for organisations that is bringing CISOs to greater prominence. And it might be even more difficult to unpick than the wave of cybercrime set to continue in the coming years. It’s the fast-changing geopolitical landscape, where nation states enforce vastly different laws and regulations to do with data as well as tools and systems that are permitted in each place.

Governments are used to managing borders when it comes to people and products, now they are getting better at figuring out how to do the same in the digital sphere. The idea of data sovereignty is growing in importance, where leaders are more exacting about where information is stored, and whether it falls into foreign hands.

For instance, if you are the CEO of a major US corporation that also has big offices in Paris, Frankfurt, Beijing, Jakarta and Delhi, adhering to the digital policies of each, and keeping the business going, becomes an intensely complex Venn diagram of regulation.

Services are sprouting up that are designed to make CISOs’ lives slightly easier. Worldr is a new company that helps leaders manage some of these headaches. It’s a security plug-in for Microsoft Teams, WhatsApp and Slack that helps guard against third party breaches, and also provides a set of tools that make products like these compliant with local laws.

World CEO Max Buchan said: “The CISO needs to be more strategic and forward-looking than before. Historically there can be tension between a department whose job it is to look for commercial growth and opportunity, and one whose job it is to look at risk. But when a mistake can mean billions of dollars in fines, people realise how important this stuff is.”

CISOs and the departments they run have a tough job. But digital teams are significantly more empowered and recognised than they were a decade ago.

Few of them will hanker for simpler times when the job involved answering the phone and uttering the much-maligned phrase: “Hello, this is IT. Have you tried turning it off and on again?” Although sometimes that does still work.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.