Today we live in a society where criminals face less risk by stealing millions of pounds using a banking Trojan than by committing an armed bank robbery, and where corporate networks can be rapidly disabled by unseen remote assailants.
This is no longer movie fiction but a reality with the advent of hacktivists, cyber-criminals and cyber-terrorism.
Rapid developments in digital technologies have enabled the creation and adoption of a wide range of innovative products and services. The use of these digital technologies pervades virtually all areas of our lives. Some developments are visible as consumer devices such as smart phones, laptops and tablet PCs, satellite and HD TV; others such as network routers and wireless technologies are largely invisible to the consumer. Many individuals are also unaware of the extent to which software is used to control the supply of their utilities, in their vehicles, in traffic signalling systems and to control the environment in their office buildings.
This widespread use of digital technologies has brought with it new threats to the safety and security of our society. In the past we relied upon physical measures to protect our assets: for example, vaults, security fences, cameras and guards. The sophistication and effectiveness of these physical protective measures has significantly reduced the risk of losses through physical theft and increased the risk of being caught. For example, as a result of the improvements in physical security of modern high value cars it is now easier to steal the keys rather than try to bypass the vehicle’s locks and alarms.
In a digital world with ubiquitous networked connectivity purely physical measures provide limited protection. Increasingly the attacks on our systems are network-borne, targeting the software and any stored information, through hacking, malware or denial of service (DOS) attacks. To address these threats we need to build systems and develop software with fewer vulnerabilities and greater resistance to attack. Simply trying to bolt on security to existing technology is of limited benefit if the underlying design is inherent insecure or the measures are easily bypassed.
The IET is currently working to address two particular challenges:
The IET is an active participant in the Cyber Security Skills Alliance, working with Alliance members to encourage the development of cyber skills by engineers and technologists.
The IET has launched a sponsorship scheme for postgraduate courses to allow young professionals to develop their knowledge and skills in this important area.
The IET has published an Insight document and a technical briefing providing information on the cyber security issues facing cyber security and the built environment.
The IET has produced a number of information technology factfiles that are cyber security related; and also regularly holds seminar events and technical seminars which are cyber security related.
Are you an engineer or technologist who wants to know more about cyber security; share your knowledge and experience; get involved in the development of sector specific guidance material?