No White Flags—the Value of Cyber Innovation at Speed and Scale

The first ‘till-less’ Amazon Fresh store opened in London recently. Download a QR code, shop and leave with everything being charged directly to your Amazon account. Is this something that we have all been dying to do? Perhaps not today, but what it demonstrates is Amazon’s commitment to reducing friction for customers and their relentless investment in innovation.

Doing things differently and changing behaviour is never easy, and as we come out of a global pandemic that has tested us all to the limit, it’s tempting to stick with the status quo. But if something good is to come from the past year, then now is the time to explore ways to do things differently and better, learning from the intense pressures of protecting users and the confidentiality and integrity of content to build greater resilience.

But Where to Begin?

When a group of cyber professionals start a discussion about priorities, it’s always lively and often heated. Although we may not see the world in exactly same way, the panel of industry experts at our recent online event designed for the Government and Defence sectors here in the UK, were in agreement on two points. The first was that for organisations that are not ready to wave the white flag in the face of increased cyber threats, innovation is essential. The second was that, no matter how much organisations invest in user cyber awareness training, they need a scalable, frictionless technology solution to protect the confidentiality and integrity of the content they use every day.

Our first speaker certainly is no stranger to facing challenging circumstances. Lt. Gen Philip Jones CB CBE DL opened our discussion with his insights, informed by his decades of operational combat experience, around how implementing innovation at speed and scale is difficult but with an “attack mindset” is always possible. His advice was to seek out the right collaborative partners with the experience and expertise to help plan and implement transformation.

Our next speaker, Paul Chichester, Director of Operations, National Cyber Security Centre, picked up on Philip’s themes. He revealed the scale of the threat that the NCSC has helped UK plc tackle during the pandemic – responding to over 5 million reports of phishing by taking down hundreds of sites. The NCSC’s collaboration with manufacturers and health authorities also managed the risks around vaccine development and distribution – critical work that has proven highly successful. The pandemic has changed many things, not least the explosion in remote working and the consequent cyber risks. The NCSC does not expect that genie to be put back into the bottle any time soon.

In our Q&A session, asked about managing the increased risks of remote working, Paul mentioned NCSC research that shows even the best cyber awareness training will only achieve about 70% effectiveness in preventing user interaction with malicious links. This led our discussion onto how to address the remaining 30% and the need for comprehensive protection for users and content.

Increasingly, technology providers are collaborating to give single, integrated cyber solutions to organisations that wish to innovate and scale implementations quickly—echoing the Amazon aspiration of reduced friction for customers. John Spicer, CTO and Co-Founder, Nteligen, shared how the combined impact of isolation and Content Disarm and Reconstruction (CDR) solutions has made a difference to the cyber maturity of Government and Defence particularly where detection is failing as a strategy. Picking up on Philip Jones’ comments on the need for understanding context and planning, John outlined the need for organisations to recognise the value and sensitivity of their content to execute the most effective risk reduction.

In his presentation: Why secure content is king for operational resilience, another strategic partner, Ian McGowan, MD and Founder, Barrier Networks, shared examples of recent public sector security projects. He explained how Barrier had responded to one particular client’s urgent need for 100% malware protection for remote workers – without which the organisation would need to scale back on operations. The solution, a combination of Opswat CDR and Menlo Security’s Isolation core technology not only achieved the required risk management metrics, but also improved performance for users without them even being aware that a new solution was in place.

The people shopping at the new Amazon store may, in years to come, look back at how they witnessed first-hand a profound change in retail. We also believe in the value of innovation to deliver change – in our case, security with zero compromise. Sometimes a moment comes to take a fundamentally different approach and our clients across all sectors believe that time is now.

If you would like to hear our panellists’ presentations and Q&A in full, or you’d like to revisit the issues and solutions discussed, you can take look at the on-demand session here