Securing public and private cyberspace: Procurex Wales

cyber security

A recent report from McAfee and the Center for Strategic and International Studies in Washington, DC estimated that globally cyber crime costs $400 billion a year. Here – ahead of his talk at Procurex Wales – Paul Clarke, Managing Director of cyber security firm Xenubis, tells BiP journalist Julie Shennan how the threat is evolving and what the supply chain can do to tackle it.

Xenubis is a global IT firm that provides intelligence and security solutions to identify cyber espionage and criminal activity across the physical, human and digital dimensions. Managing Director Paul Clarke is a passionate advocate of cyber awareness, speaking at events such as DPRTE and Procurex Wales on the topic.

Mr Clarke’s concern is well reasoned; earlier this year internet service provider (ISP) Beaming surveyed over 500 UK firms and found that one in eight had suffered malware attacks costing an average of £10,516 to manage.

Mr Clarke noted: That is only the cost that we know of; a lot of companies don’t make their breaches or attacks public knowledge. This cost also does not count the effects on reputation and customer confidence.”

He went on to explain that globally cyber crime was outpacing traditional crime.

He said: “It is bigger than the global drugs trade. Cyber crime is more convenient to criminals than analogue crime; they don’t have to leave home or smuggle anything, so there is no way that the criminals are going to stop committing it.”

Hacktivist culture is also making cyber breaches easier to commit.

Mr Clarke warned: “Cyber attackers’ skills and tools are more advanced than ever; you can go to the Dark Net now and get a hackers kit which comes equipped with a fully managed helpdesk, allowing people with no experience to attempt a breach. So the threat is not now just from state-sponsored activists, it is also from organised criminals and collectives, such as Anonymous, who might have other motives.”

This increasing range of hacker types, Mr Clarke observed, is facilitated by the mobilisation of the Internet of Things. “The increasing connectivity of smartphones will in turn provide an increased marketplace for criminals,” he cautioned.

“So if you are thinking of making your business mobile-responsive then you need to think about cyber risk and cyber security. This threat is not going to go away; it is just going to get more advanced.”

Mr Clarke speaks from years of experience – having worked as a security advisor to government, as a private cyber security consultant and as a former Serviceman. However, he explained that the facts of the cyber threat were plain for all to see.

He said: “There is a lot of information out there on cyber breaches; TalkTalk, LinkedIn and the Panama Papers data leak all show how common cyber attacks are. Every bit of information in the news shows that the cyber threat is real and will affect most people at some point.”  

SMEs, Mr Clarke added, are no exception.

He emphasised: “SMEs, especially non-finance SMEs, might be tempted to think that they are too insignificant to be targeted, but this not the case. Money is going lost in normal transactions and through breaches of customers’ emails.”

With that in mind Mr Clarke urged suppliers of all sizes to invest in good cyber security.

He said: “The threat is real; it’s a case of when not if an attacker will target your company. Companies need to approach the topic of cyber security, understand how cyber threats manifest themselves in their business and how they can protect themselves at the highest level possible.”

This means prime contractors examining their whole supply chain and identifying any soft spots that hackers could target. “Attackers will target the easiest route into this supply chain, so it is up to the prime contractors to ensure that their partners are protected,” he explained.

Mr Clarke also urged the CEOs of all companies to take ownership of their organisation’s cyber security.

He said: “CEOs must start from the top down and implement education, training and awareness to ensure that everything possible is being done to protect data, money and reputation.

CEOs and senior executives need to understand that it is up to them to protect their own and their customers’ data by mitigating risk. Ministers are now discussing the consequences for company leaders who do not protect their data, such as fines from regulatory boards.”

While cyber security failures could be cause for punishment, cyber vigilance could equally be cause for reward, with the Government’s Cyber Essentials Scheme (CES) recognising responsible organisations.

Mr Clarke explained: “If you want to be on government supply chains you need to ensure you are signed up to the Cyber Essential programme. You must also ensure your IT team have the relevant external tools – to understand where the cyber threat come from and how to mitigate the threat – and if the IT team don’t have these tools then they must outsource them.”

Mr Clarke recognises the UK cyber skills shortage, saying not enough operational and academic training is currently on offer – to the right people – to tackle the cyber threat head-on. However, he remains optimistic that the public and private sectors can work together to make up this shortfall.

He concluded: “Government should work with the private sector to help suppliers raise awareness, increase compliance with Cyber Essentials and increase access to cyber protection tools.”

For more information come to see Mr Clarke speak at Procurex Wales Digital Procurement Zone    on 6 October 2016.

 

Share This Post

More To Explore
Blogs

Spotlight on…Fraser Haddow

This month’s spotlight turns to our IT operations and development department with Fraser Haddow.  In what capacity did you join BiP? What role did you start in and what role do you have now? I joined BiP in the role of Scrum Master, but have recently transitioned to Platform Success Manager. Whattakes up the most amount of your time in your day-to-day?  Azure DevOps! It’s the platform that allows us to track progress on our product development and keep track of any issues, so it’s use forms a large part of the role. What do you like most about your job?  I like seeing a product improvement travel through all the stages from idea to implementation and then deployment, overseeing the journey to completion provides a great sense of satisfaction. What do you like most about working at BiP?  I like interacting with lots of people that span multiple departments and roles, this keeps things interesting, and it always helps to see things from other people’s perspectives. What does a great day at work look like? It always starts with coffee – then a day with a few meetings (not too little or too many!) and some time to get some work done. Ideally, right now a good day also involves bugs being closed and no new ones being opened. Do you have any unusual hobbies? I’m a big movie nerd and am very into low budget/indie horror which is maybe unusual! Music wise, I also am very into death metal and New York hardcore which is a little unusual. Been anywhere strange? (country/place/bar/tourist attraction?!) The most fascinating place I’ve been is a city called Varanasi in India – would recommend to anyone, it’s super interesting. Blow your own! … what do you excel at? Work or leisure I like to think I’m quite good at guitar and drums. Work wise – I think I’m pretty good at being organised, but my colleagues can tell you if that’s true or not! Quick fire:  Coffee or tea – Coffee Book or film – Film Cat or dog – Dog (I have a Spanish greyhound) Hot or cold – Hot Salty or sweet – Salty Tattooed or not – Not Night out or night in – Night in  Email or meeting – Depends on how many other meetings are on! Teams calls: video call or audio? – Video Eating: al-desko, break room or break out altogether – Usually al-desko Mountain or beach – Beach

Vicky Maggiani 19th July 2023
Blogs

Spotlight on…David Stewart

This month’s spotlight falls on our BI Sales Division and David Stewart. A relatively new member of the team he has been at the company for just over a year, joining in May 2022 as a Business Development Manager for Tracker. Thanks for joining me, David. How are you enjoying life at BiP? I really like it, even though it’s taken a while to get to grips with B2B. I came from B2C, so I‘d never done business sales before, but the rewards are starting to come through. I managed to do 175% of my target last month and I’m on track for target this month – if everything goes to plan! What did you do before coming to BiP? I had a seven-year career at EE, starting as a part time sales advisor through to managing a couple of shops and being a sales manager for them. And what would you like to be in the future is there a dream job or a dream position? Aspirational goals? I’d love to get to director level at some point within a company. So be that Sales Director, Operations Director, that’s my goal What takes up the most of your day-to-day? Most of my day is genuine client interaction, customer interaction and reaching out to new prospects. Understanding what their challenges and struggles are to work with the public sector. And what sort of challenges do your customers have? what sort of challenges can you help solve for them? The challenges I’m hearing are that they don’t understand how to build the relationships with the public sector buyer before the tenders are published. They need to get in there as early as possible, to develop these relationships and we really are making a difference to their business because they’re not just running a tender, we’re helping them build a relationship for future business. It’s actually good to know you’re making a difference to somebody when you’re selling something. Do you prefer to be Working from Home or in the office? I like being in the office. I like having an atmosphere around me and the support network, your manager and your teammates. I’ve always thrived off a good atmosphere, so I prefer to be in the office than work from home. Are there any sort of changes or initiatives you’d like to implement into BiP? I ran a couple of charitable events at EE before, Charity 11 aside football matches and things like that. There’s a lot of buildings around, there’s the BBC, The Village hotel, big corporations, big businesses that I don’t see any reason why they wouldn’t want to get involved in charity stuff like this. It’d be great to implement something like that. What the biggest challenges you have in your role? Managing customer timelines and managing my own pipeline. That’s the hardest part of this job. Not knowing when something’s going to come in and when something’s pulled out from under you. My colleagues and my manager Chris help me regularly with this and are extremely supportive. What do you like most about your job? The interaction with people, I’m a big people person. I really enjoy speaking to people in different industries, different businesses and just learning more about what they’re doing for two reasons. It builds up my knowledge of the market in general and lets me understand what businesses are really struggling with. Speaking to people and making a difference is the thing that makes a big difference to me. Speaking to someone about the challenges they’re having, and if I can genuinely fix it for them, that’s what I like most. What do you like most about working at BiP? The culture is very good so far and very much gives back as well and looks after its employees. The support and the culture in the business to make sure everyone succeeds is incredible. What does a great day at work look like? A great day looks like this: seeing my name up in that sales board a few times on one day. As soon as a deal comes in, but also coming in to a reasonably filled diary. Do you have any unusual hobbies? I’m a very keen badminton player. I’ve been playing for years competitively. I had my own deejaying business for a couple of years as well. Quick fire. Coffee or tea – Coffee Book or film – film Cat or Dog – Dog, I have a dog. Hot or cold – I prefer being cold Salty or sweet – Sweet Tattooed or not – tattooed Night out or night in – Night out. E-mail or meeting – Meeting Teams call video or audio – Video, always video. Lunchtime: Al-desko, break room or break out altogether – Break out altogether, I like sitting in the breakout zones. Mountain or beach – Beach

Vicky Maggiani 23rd June 2023

Do You Want To Boost Your Business?

drop us a line and keep in touch

Contact Us