5 Observations on Moving the Cyber Industry Forward

I had the pleasure of attending the SINET Global Cybersecurity Innovation Summit earlier this week. A very thought provoking event, with some great speakers.

The closing Keynote was provided by Sir Iain Lobban, KCMG CB, Director of GCHQ, in which he presented 5 key observations about what needs to happen for the cyber security industry to move forward.

Below is my interpretation of what he said.

I am not a professional journalist, so please do not take these as direct quotes from Sir Iain, they are my interpretation only.

1). Tell the truth.

Cyber security vendors need to be responsible and honest about their capability, there is too much over selling of capability.

I totally agree, customers are confused about what is good and what is less good. They are also sceptical of over-hyped claims, so often end up doing nothing.

2). No more sell and forget.

The engagement between buyer and seller has to be enduring, the capability has to evolve in line with changes in threat and capability. They may even need to be augmented over time by 3rd party capability.

We have witnessed this at Nexor – transaction based selling does not work in the security game, hence why we have introduced our CyberShield Secure® services.

3). Security is a board issue.

If the board don’t get it, then you are wasting your time.

As a Chartered Director, this one did not take much effort to convince me.

4). No more ‘after you’.

Government and industry must go forward together. Vendors that have waited for government to solve the problem by spending more on cyber solutions risk missing the cyber growth boat.

For me, that’s about choosing the right markets to trade in.

5). Building skills for the future.

Skills in the industry are an issue, but a lot of the ground work to resolve this issue is being done. Today the usual way to grow a team quickly is to poach staff from a competitor. We have to recognise that we are in this together for a 5-10 year journey to solve the skills problem, and businesses need to figure out their talent training approaches.

Nexor are an SME (must stop using that acronym – you had to be there to know why!), but we are investing in both graduates and apprentices, and have found this to bring a new opportunity for the business, for example, by being able to take an active role in Cyber Champions.

What’s your view

Are there any other key challenges our industry needs to solve to more forward?