IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
James Moore is the Managing Editor of IFSEC Insider, the leading online publication for security and fire news in the industry.James writes, commissions, edits and produces content for IFSEC Insider, including articles, breaking news stories and exclusive industry reports. He liaises and speaks with leading industry figures, vendors and associations to ensure security and fire professionals remain abreast of all the latest developments in the sector.
IFSEC Global sits down with John Gilbert, GM and Regional VP of Sales at Yubico, to understand how the company is working in partnership with the Police Digital Security Centre launched at IFSEC 2019.
Hi John, can you tell us a little more about Yubico?
John Gilbert (JG): We’re setting new global standards for simple and secure access to computers, mobile devices, servers, and internet accounts. Our core invention, the YubiKey, delivers strong hardware protection with a simple touch, across any number of IT systems and online services such as Facebook, Twitter, Google and Microsoft. Our technology is used by nine of the top 10 internet brands and by millions of users in 160 countries.
We understand you’re partnering with the Police Digital Security Centre. For those who many not know, can you explain what the
John Gilbert, GM and Regional VP of Sales at Yubico
PDSC is aiming to do?
JG: The Police Digital Security Centre (PDSC) is a not-for-profit organisation, owned by the police, that is focused on supporting small and medium-sized businesses across the UK to improve their resilience against the most common types of cybercrime and fraud. Alongside organisations like Yubico, they’re working hard to educate users on malicious online threats and providing the tools necessary to protect themselves.
And how did this partnership come about? What are its aims?
JG: Yubico and the PDSC have a shared vision for a safer, more secure internet for all. It seemed a natural fit to work with the organisation to help support businesses in the fight against cybercrime. The PDSC is looking to regulate digital security providers by introducing a framework and certification process much like the Secured by Design accreditation associated with physical security products. The aim is to launch the scheme in early 2020 and Yubico is set to be one of the first accredited providers endorsed by the British Standards Institution (BSI).
Why is cybercrime such a threat to businesses? What specifics should security managers be aware of to protect their businesses?
JG: Cybercrime and fraud are a growing threat to UK organisations. According to figures published by the Department for Digital, Culture, Media and Sport (DCMS), 32% of businesses have suffered at least one cyber attack or breach within the past 12 months. In fact, last year there were 4.6m incidents of fraud and computer misuse which accounts for a large proportion of the 11m crimes reported.
The average cost of a cyber breach or attack is £4,180, which could be detrimental to smaller businesses and there are greater losses to a business after a hack, such as reputational loss and compliance issues.
Security managers need to be aware of what threats exist not only today, but also in the future. A significant proportion of malicious attacks happen through phishing, so learning to spot a fake email is a good starting point; check the sender is valid, do not open any untrustworthy attachments or links, and share across the business if a large-scale attack is identified. Sharing with colleagues is incredibly important; it only takes one mistake from an employee to spread a virus through the network. Make sure everyone is security conscious and if in doubt, introduce stronger measures such as 2FA to reduce vulnerability.
Are there any new threats that security professionals should be aware of?
JG: The threat landscape is constantly evolving as malicious actors attempt to bypass stronger security measures. While we’re likely to see new threats enter the space, I expect we will also see the same cyber attack types in the future, albeit more intelligent; for example, phishing will become harder to distinguish, and password hacking and social engineering will continue to cause disruption unless users become smarter with their credentials.
Thankfully there is an increasing trend for users adopting multifactor authentication (MFA) which is the use of several verification steps in conjunction; for example username, password, security keys and/or biometrics. However, we would like to see more users and services opting in for 2FA.
Yubico set to partner with PDSCIFSEC Global sits down with John Gilbert, GM and Regional VP of Sales at Yubico, to understand how the company is working in partnership with the Police Digital Security Centre.
James Moore
IFSEC Insider | Security and Fire News and Resources