Cleary in 2016 cyber security has made global news headlines, and there have been initiatives by governments and industry to try and mitigate the problems. The EU GDPR data regulations will soon be upon us. Data breaches will now incur serious fines and organizations will now need to appoint data processors and controllers to ensure compliance to the new law. I think this will be challenging to all of us.

It is widely stated that data is the currency of the 21st century and I agree. This raises questions on how do we manage this new currency? In a traditional financial market money is controlled by governments. They have various tools at their disposal and when needed they could offer “quantitive easing” in other words print more money or raise interest rates. How do governments regulate the flow of data in a democracy? The amount of data in the world is increasing exponentially and will never reduce. We now have laws that manage our new currency and how it is used. Knowledge has always been power but now currency and information are merging like never.
2016 has been quite a year for cyber security breaches. There have been so many that we are almost becoming blasé about them. Major breaches have occurred in the telecoms industry as well as in more esoteric industries, Ashley Madison and Adult Friend Finder spring to mind. Yahoo has also just suffered a major hack, in fact I cannot find an industry sector that has not been affected. Most disturbing is that the USA is stating the Russia using cyber technologies attempted to influence the recent USA presidential elections. That is very worrying as cyber hacking is now hitting at the heart of our democratic systems.

On a brighter note, I see the way organizations are tackling cyber security is changing. It is no longer viewed as just an IT problem. Cyber security is seen in a much wider context. That can only be a good thing. Boards are also taking more responsibility for cyber security and again this is good. Truly effective cyber security measures will only succeed if they are implemented from the top down within organizations. There is also a shift in the way organizations view information sharing. Many are now seeing the value of sharing cyber security data. This would have been unheard of a few years ago. The shift is also being seen in the way people are trained in cyber security. It has become accepted that if we train people to use IT systems security no matter if they are at home or work this bolsters overall security. The Internet of Things (IOT) has shown us that everything is connected and this will cause more security issues.