News

Anyone able to remember a new 600 digit password every month?

15 February 2017

'Anyone able to remember a new 600 digit password every month?'

I don’t think so and thankfully nor does Ciaran Martin, CEO of the National Cyber Security Centre (NCSC) based in Central London and opened by Her Majesty the Queen on Tues 14 Feb, writes Jenny Parsons, ProTechs COO.

I listened to Radio 4’s Today programme yesterday (14 Feb) with a mixture of fear and incredulity as John Humphrys interviewed Andrey Kortunov, Director General of the Russian International Affairs Council and an advisor to the Russian Foreign Minister, for a feature around the threat the UK faces from Cyber Warfare i.e. attacks on our computer systems.  

Mr Kortunov said that he had no hard evidence that Russia is ordering cyber attacks on the electoral systems of Western Governments – I’m not 100% sure he would tell us if he had – and that Russia is itself worried about interference into its own political life.

Somewhat frighteningly, if things got ‘bad’ between Moscow and London, he appeared not to ‘exclude’ cyber threats on British infrastructure. Mr Kortunov also stated that the UK might qualify as the most consistent anti-Russian country if not in the world, then in the Western Alliance.

At this stage I was feeling somewhat gloomy and just as I was beginning to feel a little better, Mr Humphrys confirmed once again that Britain is under attack, cyber attack, from criminals at home and by other governments and that these attacks are causing us harm. There have been significant thefts of personal data (we know that there have been instances of this within the Not For Profit sector) and that there are two threats a day to our national infrastructure. Who was making these claims? Well it was Ciaran Martin, CEO of the National Cyber Security Centre which Her Majesty the Queen opened yesterday.

After hearing from Gordon Corera, the BBC’s security correspondent and the NCSC’s Technical Director Dr Ian Levy, about the potential security threat of the Internet of Things (IoT) with household items connected to the Internet and how criminals are exploiting the digital world to make money, stealing our identities and even holding hospitals to ransom by switching off their computers, I was finally reassured that we all may survive Cyber Warfare when John Humphrys interviewed Ciaran Martin.

Mr Humphry’s first asked Mr Martin that as we become more digitally advanced was it inevitable that we will become more vulnerable.

Mr Martin responded that with every new technology there is great excitement and great opportunities which allow “bad people to find new ways of doing bad things”.

He went on to say, that there was “no need to be defeatist about the risks of cyber attack”. The focus of the new centre is on protecting the services that really matter from attack and to manage those attacks that do get through so they cause as little harm as possible.

Mr Martin added that what’s important is that we improve the technology that we use in everyday life and we educate the people using that technology to use it more safely to reduce the risk of attacks happening and the harm that they do.

I then realised that what Mr Martin was saying should be repeated by every Security Information Officer, every IT Manager and anyone responsible for data security within any organisation, business, enterprise or NFP, to their employees.

Mr Martin had told Mr Humphrys before the interview that changing passwords was not always the answer. The important thing is to carefully chose which data is really important and to protect that data with a really strong password.

The NCSC had done some work around what it was asking the average British citizen to do in both their professional and personal life, if they followed all the guidance on changing their password and how that password should be configured.

What the NCSC was asking us to do was to memorise a new 600 digit number, yes 600 digit, every month.

Thankfully, Mr Martin said that not even his ‘best people’ could do this, so we shouldn’t be asked to do it!

Instead we should be enlisting the help of Password Managers, looking at the exposure of business (and personal data) online and applying the appropriate protection.

In a business environment, security professionals should be helping employees to make “sensible informed evidence based decisions” about what data protection is necessary.

With the security of data becoming an increasing issue for every NFP organisation ProTech understood that it needed to offer a highly secure integrated Web and CRM platform.

To ensure that we deliver the level of data protection our clients are looking for, we have worked with an independent Government certified (CHECK) organisation, and our specialist CRM and digital solution was successfully penetration tested to meet the security requirements for Government ‘OFFICIAL’ accreditation.

For more information on ProTech’s highly secure integrated CRM and Web solution contact: kim.smith@protech.co.uk

To listen to the full interviews click here Andrey Kortunov: 1:16:09 and Ciaran Martin: 2:10:10

 


BACK TO INSIGHTS

Sign up to our newsletter and brochure

Continue to learn more about ProTech’s lastest news, insights, software updates and forth coming releases. Sign up for our newsletter and request a brochure.     SIGN UP HERE

Latest News