This is the ultimate game of cops and robbers

ANOTHER SCANDAL ON THE LIST OF SCANDALS

I am sure everyone is talking about the BA Hacking. Nearly 400,000 passengers have been caught up in yet another PR disaster for British Airways, with the airline the victim of a “sophisticated and malicious” security hack.

The stolen information did not include travel or passport details, the British flag carrier said, but warned that customers should check with their banks and credit card providers for suspicious activity.

How to find out if your data was compromised

BA said that the hack related to bookings made or changed between 10.58pm on August 21 and 9.45pm on September 5. “We will be contacting affected customers directly to advise them of what has happened,” the airline said on its website.

To be sure this is another scandal on the list of scandals. Here are the Biggest, Baddest, and Scariest
https://www.orangewebsite.com/articles/biggest-hacking-scandals-of-all-times/

CYBER SECURITY NATIONAL CRITICAL INFRASTRUCTURE

But we should not be surprised. Indeed we should expect more, and be prepared.

I am looking forward to attending Government Cyber Security Incident Response Capability Workshop. Hosted by Phil Ashley (Digital Policy Advisor - Financial Services & Digital Economy) this should be a really interesting meeting.

The workshop’s objectives are:

1. To understand whether businesses would want to make use of an incident response capability
2. Gain an appreciation of the skills, resources, facilities and services that organisations already have access to
3. Determine what model and scale might be appropriate for the Channel Islands
4. Explore the potential services that would be valued
5. Identify how the capability should be resourced

The initial ambition is that the capability will cover government, critical national infrastructure organisations and private businesses. This workshop is a key opportunity to feed into government’s thinking on the subject and help ensure that Jersey is able to respond to cyber security incidents in a way that works for business.

LESSONS FOR GOVERNMENT AND BUSINESS

It is clear that there are so many dependencies between business and government, between government and the voluntary sector that a joined-up approach is needed.

For example the voluntary sector has 535 organisations and 11,000 volunteers providing charitable health, social care and other services to the vulnerable and needy. Much of our health and social services provided to the community are dependent upon Island’s Critical Infrastructure.

I can see value in all States Departments using a common set of tools and making recommendations on tools, training and techniques that will benefit the Island and Critical Infrastructure (eg Ports, Police, Health, Education) + National Critical Services (Health, Care etc)

For example it seems optimal that States Departments use the same tools, policies and guidance for GDPR, CE and Encryption as part of a joined-up approach that serves both government but also the business and community.

This is however just one aspect. National Critical Infrastructure is much broader than this. It is about prevention as well as response.

If you are interested in Data Protection and Cyber Security this is the ultimate game of cops and robbers. The stakes are high. And it is compelling to learn and apply the collective wisdom of initiatives like Government Cyber Security Incident Response Capability Workshop.

USEFUL LINKS

https://www.bbc.com/news/technology-45446529
https://www.bbc.co.uk/news/uk-england-london-45440850
https://www.theguardian.com/business/2018/sep/07/ba-says-hack-hit-only-those-buying-tickets-in-two-week-period