Think we have a handle on security as a society and as individuals and collectives doing more and more on-line and via mobiles? If so, stop reading and go back to your dogmatic slumber – and ignore the fact that earlier this month we heard that 4.6m Android users have downloaded a suspicious app that transmits personal data to a site in China.
If you are still with us – listen to at least one organisation that’s using outreach to try and identify not just solutions but even the shape of the problems we’ll be dealing with in five years time.
That at least is the mission of something called the Digital Systems Knowledge Transfer Network’s Cyber Security programme. If you are not familiar with KTNs, they are an effort by a body called the UK Technology Board to stimulate technology-enabled innovation in the areas which offer "the greatest scope for boosting UK growth and productivity".
Though sponsored by Vince ‘If It Moves, Cut It’ Cable’s BIS, it is not strictly a quango but a non-departmental public body; it works mainly by attempting to build networks between SMEs, academia and larger enterprises in a range of areas, green transport being one apart from ICT.
The security element of the KTN is headed up by a senior manager at QinetiQ called Tony Dyhouse, who among many initiatives is part of the recently launched "cyber security challenge" that is trying to drive employment prospects for UK graduates by offering a range of prizes and competitions that if they do well at will get their CVs sent to prospective hirers (which has to be good).
For Dyhouse, the main problem, though, isn’t just the one the CIO will be familiar with on a daily basis – the threat to the organisational perimeter. He is convinced things like that nasty little Android app and the recent fake Mozilla download that fooled at least 2,000 people into letting it onto their machines points to wider issues that could potentially affect us all. "If we don’t start educating people in safe use and developing best practice, these events are likely to the start of a huge wave of security failures," he told CBR this week.
Usual security hype? It’s easy to be cynical about what Dyhouse is saying on one level and when pressed for solid, go-to market achievements his KTN have given us as yet he does go a little vapour-ish. But then that’s because what things like the Cyber Security Challenge and indeed the Programme and so on is about isn’t the straightforward development of new software box; it’s actually about boosting the level of the core debate.
Take iris recognition – touted so many times as the future of biometrics. You probably didn’t know that until the KTN started trying to fill the gap, this was all a pointless discussion as there were no iris databases around for anyone to try and develop anything serious.
Dyhouse’s team is also very active in putting smaller organisations in the right place to get on to things like the European Framework R&D programme, which is still surely a defensible way for universities, smaller firms, suppliers and bigger parties to do some cross-border blue-sky work. "We’re a catalyst," he says.
Talking shop, New Labour quango, waste of time? Sure. Now you come up with a better idea on how to do something a bit better about security than we now have.