Col. John Doody Cyber to the Citizen

Colonel John Doody FBCS FCMI CITP IISP MIOD

International Subject Matter Expert Cyber

Security and Information Assurance

Member of the BCS Security Community of

Expertise

High threat

Club

Defence

Intelligence

Critical National Infrastructure

Financial

Telecommunications

Energy

Transport

Cyber security

Wider Market

Local government

Large businesses

Small & medium

businesses

Personal

Cyber attacks HOW DOES THIS AFFECT THIS AFFECT THE CITIZEN?

• Internet banking?

– hackers routinely pretend to be your bank

– cost UK nearly £60m in 2009

(New Card and Banking Fraud Figures UK Cards Association)

• Mobile phone calls?

– anyone can listen into a mobile call in 3 minutes with equipment

costing £10, instructions online

(Wideband GSM Sniffing, Nohl & Muaut, 27th Chaos Communication Congress)

• Corporate networks?

– RSA lost its SecureID secret, costing parent company EMC £50m

– 20% of Fortune 100 companies hacked the same way

(Who else was hit by the RSA Attackers?, Brian Krebs, KrebsonSecurity.com)

• Confidential financial market data?

– Nasdaq OMX got repeatedly hacked, attackers viewed a wealth of

confidential data

(NSA to Investigate Nasdaq Hack, Kim Zetter, Wired Magazine)

• Aviation?

– in 2008 a hacker almost shut down US Air Traffic Control

(FAA report number FI-2009-049)

The Citizen

• Vulnerable • Conducting ever increasing transactions/business on line

Banking Hotels Booking Holidays Bookings Flight Reservation/Purchase Vehicle Tax Train tickets Shopping Gaming Insurance VAT/Corporation Tax Subjected to:

Phishing attacks Spam Uses easy passwords e.g. Their own name (Post it Notes on Screen)

Does not patch Does not secure their wifi router Answers money related emails Opens attractive emails Do not have AV or if they do they do not update

Identity theft Owns a lot of data Downloads software from dubious sites And they don’t know what they don’t know

Protect Your Computer

Protect Yourself

Smartphones & Tablets

Shopping, Banking & Payments

Safeguarding Children

Social Networking

Other Things You May Do Online

What are the consequences?

•For the individual

•Blackmail

• Identity theft

•Fraud

•Misrepresentation

•Malicious manipulation of data

•Severe Financial Loss

•For Industry data keepers

•Reputational loss

• Litigation – business and civil suits

•Financial penalties from regulators

•Business failure

• Loss of Competitive Edge

What does the future look like?

• By the middle of 2013 most people in the UK are using smartphones to connect to the internet.

• According to predictions from the research house Gartner some 1.8 billion smartphones will be in use worldwide in 2013 and for the first time will overtake PC use, a projection that has major implications for UK companies.

• Meanwhile forecasts by the telecommunication company Cisco suggest that by the end of 2012 the number of mobile-connected devices will exceed the number of people on earth. By 2016 there will be over 10 billion mobile-connected devices.

• Currently some 12 percent of mobile phones in the world are smartphones yet they account for 82 percent of global mobile data traffic, a figure that has tripled in a year.

• Future developments in 4G point to even greater usage of data; 4G devices currently only account for 0.2 percent of mobile devices, yet are responsible for 6 percent of data traffic.

• Security Impact of BYOD or CYOD

Education, Training and Professionalism • Need for technology implementers

• Need for Users

• Government initiatives in place

• Needs to start in Primary Schools

• Needs common core cyber modules in University Courses

• Needs Marketing Campaign for the Citizen:

– Clunk Click Every Trip

– Think before you Click

• Security is not fit and forget, needs regular refreshment

• This is all about our national prosperity

And don’t forget …

Don’t think “it will never happen to me”

Don’t get into bad habits, and change your habits

Don’t take online safety for granted

Don’t behave online any differently than you would in the

‘real world’

Don’t forget that ‘online’ means your mobile device too

What can we do?

•Have a BCS Membership Outreach Programme

•Partnership with Get Safe on Line (GSOL)

•Input from other organisations involved in this

subject

•Use briefing material from GSOL

www.getsafeonline.org

What can we do?

Go to: https://forms.bcs.org/policy/. Register your interest

1.Thank you for your interest in promoting online safety to your local community through our partnership with

Get Safe Online.

2. The initiative aims to link volunteers from the Institute’s expert IT membership with local communities to provide free

practical advice and education, using materials developed by Get Safe Online.

3. If you are a BCS member with Associate grade or above and would like to volunteer to promote our online safety

messages in your local community, please complete the details below.

4. Please note that by submitting your details here you are authorising BCS to share your details with the Get Safe

Online administrators. These details will be used solely for the purposes of collecting your information to bring you into

the scheme.

5. You can use an email address that is different from the address registered with BCS if you wish.

BCS membership number:

Your name:

Email address:

First line of address:

City:

Postcode:

What Support is on Offer?

•PowerPoint Presentation

•Pop Up Stands

•Brochures Dual Badged BCS/GSOL

•Gifts

•On line support from GSOL

•On line support from BCS

•Quiz

Presentation to insert name here 14

The Citizen Needs your support

Presentation to insert name here 15

Target Audience

• Schools

• Libraries

• Senior Citizens

• Local Community Groups

• Local Businesses

• Family/Friends

• Scouts/Guides

• Village Halls

• Etc

Presentation to insert name here 16

Information and advice from

Get Safe Online and

BCS – The Chartered Institute for IT