by Darren Prosser, BSc Computer Forensics student.
Cyber security is a significant subject in today’s society, and it has a powerful impact on businesses and citizens of the world. It’s easy to forget the importance of cyber security, but we all play an important role in protecting each other in this area.
Last month, I visited the Cyber Security Summit and Expo at the Business Design Centre in London, along with my fellow third-year Computer Forensics students. We had the opportunity to meet the elite of the cyber world and get inside knowledge of how businesses and government organisations implement the latest security protection on their systems, in order to keep the citizens of Britain safe.
The summit started with a senior representative from government organisation National Cyber Security Centre (NCSC) giving a talk on what they are doing to address the concerns regarding systems across the UK and beyond. The NCSC stated that their aim is to share lessons on real-life attacks to help prevent further issues. There are an average of two million cyberattacks every year; most of these attacks are caught without any information being exploited, but system administrators must remain vigilant. This talk encouraged organisations to make decisions on their own systems and helped us to understand how we all can play a part in preventing attacks, whether it is in our personal or professional network systems.
Further into the day, there were talks on a number of key cyber security areas, including data breaching. Recently, we have seen an increase in attacks on public services and other well-known companies with millions of customers. Customer data is worth a considerable amount if it gets into the wrong hands, and we learnt that in the event of a data breach, companies have 72 hours to report to the Information Commissioner’s Office (ICO) who then deploy resources and assistance to help minimise the disruption of the attack. The ICO was present at the summit and explained that companies are not protecting their data as much as they should, therefore they have commissioned a new legislation called the General Data Protection Regulation (GDPR). The GDPR will come into force on 25 May 2018 and the majority of companies in the United Kingdom will have to comply with a vigorous framework of rules set by the ICO.
As part of the summit we were lucky enough to have the chance to attend the first GDPR Conference, where speeches from major companies across the UK expressed how they have become compliant and gave tips to other companies, including universities, on how to become compliant. We had talks from Henley Business School on the role of a Data Officer; TheTrainline.com on Data mapping; and Symantec who produce some of the leading security software on the role of technology in keeping data private and secure.
The day was full of opportunities for us to introduce ourselves to companies at the Expo. We are the next generation that will be protecting society’s online world, and it was great to see what companies are implementing now ready for us to take over and improve so that we can make the online world a safer place.
The day taught me that although the term ‘cyber’ and some of the terminology mentioned here may not mean much to the everyday web-user, a key aspect of protecting our data is to help look after it ourselves. It was a really valuable day that my peers and I thoroughly enjoyed. A big ‘thank you’ to our lecturer Shahid, and to BCU for arranging for us to attend.