Columnist Gerry Rourke, Cyber Security Specialist at Fujitsu
Cyber Security Opportunities in a Post COVID World Gerry Rourke, Cyber Security Specialist at Fujitsu, discusses how Northern Ireland’s expanding cyber security sector can help play a role in COVID-19 recovery.
strong growth opportunity that can boost economic recovery as we face the twin challenges of COVID-19 and the end of the Brexit transition period. In 2018, the NI Government released its Cyber Strategy: A Strategic Framework for Action publication, aimed at developing a skilled cybersecurity workforce and making the region “an excellent cybersecurity centre”. This strategy has the dual benefits of protecting NI organisations from cybersecurity threats and driving the economic benefits of creating circa 5,000 new high value jobs in cybersecurity by 2026. At Fujitsu, we have recognised the potential of the NI region as a leader in cybersecurity, and have been migrating the majority of our networking/security support functions for major UK and NI Government clients into NI since 2011. Fujitsu recognise that NI must develop cybersecurity knowledge workers, such as strategists, solution architects, technologists as well as process and delivery expertise, to remain competitive in this growing market. It is an ambitious goal and one that we have not yet reached. It can only be achieved by building the underpinning third level educational structure to ensure a large number of highly skilled people are entering the cybersecurity workplace to attract major security providers/investors. Fujitsu has seen this drive in other UK regions. For example, we have collaborated with Cyber College Wales (“Cyber College Cymru”), Admiral Insurance and Thales to develop a pilot project, that included a modern Cyber Security Curriculum. The goal is both to close the skills gap and enable young people to develop their careers in an area of opportunity. This public and private partnership also provides blocks of practical work experience through the academic year. NI is driving cyber innovation, through the Centre for Security Information Technologies (CSIT) and Queen’s University Belfast, who are doing great work in focusing on new evolving areas of security growth. Queen’s are also supporting the programme by offering 400 free places to online cybersecurity courses to upskill and retrain those directly affected by COVID-19. Going forward, Northern Ireland businesses will have to focus on strengthening their cybersecurity, in line with NI Cyber Centre guidance, to ensure they avoid potential risks. This commitment should include, among other things, building security awareness and upskilling personnel both to deal with cyberattacks and to educate personnel on how to remain vigilant to potential threats. Times of adversity often present opportunities. By expanding our cybersecurity business engagement, developing our expertise and investing in the next generation of cybersecurity professionals, we can address the threats as well as capture the global opportunity to access new markets. In this, we can make Northern Ireland both, a cybersecurity centre of excellence, and an attractive place to do business.
T
he cyber security challenge has grown exponentially in the past 5 years as complex cybersecurity threats become evermore commonplace globally. While this threat presents an ongoing challenge for many Northern Ireland businesses, the cyber security industry has also grown in NI to meet the increasing global demand for services and technology to support businesses to meet these challenges. In its annual review, the National Cyber Security Centre reported that it fended off more than 200 COVID-19 related cyberattacks such as phishing and ransomware in the last 9 months as cyber criminals exploit the pandemic. Many of these attacks came in the form of opportunistic phishing emails, where credible sources indicate a 600% spike in attacks. To place this in context at an individual level, some £190,000 is lost every day in the UK by victims of cyberattacks. Locally, the Police Service of Northern Ireland (PSNI) has seen a surge in cyberattacks against local businesses since the outbreak of COVID-19, with many attacks trying to exploit the upheaval and uncertainty that the pandemic has created. As we introduce new digital applications and technologies, the global digital infrastructure becomes increasingly diversified and at greater risk of cyber security threats. Cyber security is an essential facet of doing business, and a good example is the recent shift to remote working, which has become a key target area for criminals. Research shows that 74% of CFOs expect a significant part of their workforce to continue working from home after the pandemic has ended. This expected shift exposes businesses to security risks at a scale they have never faced. With cyber security threats now coming in many forms, from phishing to ransomware to attacks on cloud based systems and IoT devices, all organisations must have a robust cybersecurity plan that enables them to prevent, as well as respond and recover from cyberattacks. A recent example in 2020 that underlines the importance of response and recovery is the well-publicised ransomware attack by “Sodinokibi” on a currency exchange provider that resulted in several high street banks being unable to offer currency exchange services for weeks. Just as cyber threats become more sophisticated, so do the capabilities – people, process and technology – required to address these attacks, such as the need for 24/7 monitoring, incident response functions, intelligence and technical capabilities. This is balanced against a current global shortage in cyber security skills, which stands at around 3.12 million people. The scale of the challenge means that cybersecurity solutions and skills must be delivered rapidly to address it. Herein lies a
90
