Maksim Kabakou - Fotolia

Public education on security must be a top priority for Labour

With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government

Since 4 July 2024, a new Labour administration has been in place in the UK, but the last time Labour were in power was 14 years ago in 2010, and a lot has changed on the cyber security front since that time.

More virtualisation, more outsourcing of part or all of a company’s IT to the cloud, and considerably more powerful computing chips and associated computer memory, to name but a few significant changes.

This all means that the firepower that a an adversary can bring to bear on an organisation, or an individual, is vastly superior today to what was at their disposal in 2010.

Social media has also gained in popularity and, in the process, has not only become a power for good but also a tool for the bad and mischievous in the world.

Looking back over the UK Home Office cyber study, published back in April 2024 and reviewing the security breach landscape for the previous 12 months, is sober reading. By far the biggest threat was email-based phishing, occurring in 84 % of breaches, with email impersonation of a company next at 35%, and viruses and malware a factor in 17% of breaches.  Figures given are for businesses, charities were broadly in line with business.

The main issues highlighted in the Home Office report indicate that one of the first actions the new administration must do is to set up a sustained mass media campaign to raise awareness of email born attacks. I’m old enough to remember the heyday of British public information films (PIFs) such as the ‘Clunk click, every trip’ campaign when car seat belts became mandatory. Such a cyber-focused campaign should also cover the potential for viruses and malware being carried over social media channels and other vectors.

My second recommended action would be to have the Home Office, the National Cyber Security Centre (NCSC) and business groups including the Institute of Directors (IoD) and the Federation of Small Businesses (FSB), together with the Charities Commission, work together on an awareness campaign to businesses and charities to address other shortcomings including cyber hygiene as identified in the Home Office cyber security breaches survey. This should include security risk assessment and mitigation and security monitoring tools and processes.

Read more on Security policy and user awareness

CIO
Security
Networking
Data Center
Data Management
Close