The answer to that question, posed in Computer Weekly, is quite straightforward – the link is flows of data.
Throughout history, understanding, optimising and securing flows has been vital for economic success.
Rome controlled its empire by using a network of roads 400,000km long to trade, to move armies and to communicate – three critical flows. And flows of water via precisely engineered aqueducts helped maintain good health among the citizens of the empire’s cities.
The British Empire stretched around the globe, and the Royal Navy’s dominance of trade flows through sea lanes was critical in helping Britain achieve pre-eminence. Engineering advances like ‘copper sheathing’ helped optimise flow of water under the hulls of ships, maintaining the performance of the navy.
Oil was the critical economic flow of the twentieth century. The USA has played the key role in understanding, extracting, refining and protecting these flows. Oil companies have a very precise understanding of how every asset interacts to optimise flow of product. Any asset that does not add value, or that increases risk, is ruthlessly discarded [more].
Today flows of data are, increasingly, what drives the global economy.
Over 90% of the world’s money exists in the form of data. Hundreds of billions of dollars flow around the globe every day through the IT systems of the financial markets.
In all sectors, directly or indirectly, organisations are increasingly reliant on flows of data to perform some, if not all, of their activities.
But, with a few exceptions in industries like Nuclear and Oil & Gas, businesses and governments do not yet have clarity about how data flows through individual organisations. [more]
And that means that there is insufficient clarity about how most business systems work – which means many are potentially vulnerable to outages and/or attack.
Events like the 2010 ‘flash crash’ in the financial markets, the Stuxnet worm attack, and the recent outages at Amazon and Sony reinforce the point.
Blaming ‘black swans’ isn’t good enough. [more]
So it’s probably a good time to have the Second Worldwide Cybersecurity Summit.
The summit’s goals include:
[setting] in place new models for private sector leadership in addressing high priority vulnerabilities and threats associated with global internet connectivity and ICT development.
[making] advances on the most pressing issues in global management of critical information infrastructure with collaborative international breakthroughs.
Greg Austin, of organiser’s the East West Institute, makes an illuminating point in the Computer Weekly article about thinking among global leaders:
“In, just about, every geography cybersecurity is going higher and higher up the political agenda and it would be interesting to know whether that is being replicated in all the boardrooms around the world, as it should be.”
Here are some points that we think should be considered by boardroom members and others at the Cybersecurity summit:
- to some degree your organisation can be considered as a “refinery” – instead of processing oil, it processes data
- data is the life-blood of your business and increasingly of the global economy – but it’s unlikely you have sufficient clarity about how data flows through the people, process and technology of your organisation, and, by extension the other organisations with which it interacts
- this is not an unusual situation, and that is part of the problem – it’s what makes so many organisations vulnerable to outage and/or cyberattack
- clarity can only be created when you can clearly see and easily communicate how the assets of the business (including people) interact with flows of data. These flows have to be understood and engineered like other important flows throughout history
- when you have that clarity you are then in a position to make more-informed decisions about optimising and securing your flows of data, and minimising risk to your business, or country
When you break it down like that it’s just common sense which is why we, at OBASHI, agree with Greg Austin’s conclusion:
“..cybersecurity issues are more urgent than people think and that there are relatively easy solutions out there, but to get to those solutions we have to start talking to each other in more meaningful ways, more frequently and across more borders”