Is the Internet Safe? Of course not!

Published on the 15/06/2016 | Written by Owen McCall


is the internet safe

The internet is not 100 percent safe, but that doesn’t mean you shouldn’t be using it to support the growth of your business. Owen McCall says we should approach it more like driving…

Think about it, is driving safe? Of course not. There you are hurtling down the open road at 100kph with another vehicle coming straight towards you at the same speed. The only thing between you and the oncoming car is a thin painted line. We know that if that thin painted line doesn’t do its job and the two cars collide the result is a big mess. Bodies aren’t designed to absorb that kind of impact.

The result is that over 300 people die from driving every year and thousands more are injured.  A quick search on Wikipedia quotes World Health Organisation statistics of 1.25 million people dying on the world’s roads every year.

Yet we still drive. With these kinds of statistics why would you risk your life by driving? In the end there are two main reasons for most people. Firstly, the benefits of driving are huge. Modern driving means that you can easily travel 100km an hour. The non-driving equivalent of this is 5km if you walk, 30km if you’re really fit and can bike. If you go really old school and ride a horse then on average you will cover 50 or 60km in a day. The second reason is that we know if we take sensible precautions we can substantially decrease the risk of dying. When it comes to driving these sensible precautions are fairly well known. For example:

  • Ensure your car is in good working order and ideally modern so it includes all the latest safety features
  • Don’t drive while you are under the influence of alcohol or other drugs
  • Don’t drive too fast, or perhaps more accurately drive appropriately for the conditions
  • Ensure you are alert and do not drive when overly tired
  • Adhere to the comprehensive set of rules that all drivers are expected to follow when driving (that’s why the thin painted line works).

On top of this we have a very comprehensive system in place to teach people to drive safely and a series of sanctions for people who are caught breaking the rules, including taking their driving privileges away from them.

Despite all this we know that an accident can happen any time. The risk is always there, but we still do it. I believe that this is the stance that organisations need to take around digital risk. We know it exists and we know that there is always a risk but if we put in place sensible precautions then we can substantially reduce the risk of operating in the digital world and set ourselves up to succeed. The only question is what are the digital equivalent sensible precautions that you need to implement to reduce your digital risk and have you implemented them?

Sensible Digital Precaution Rationale
Ensure all your systems are up to date with the latest patches and major releases Often organisations look at the cost of system upgrades as being a waste of money. This position is understandable because most upgrades don’t deliver significant new benefits so it looks like you are being forced to spend for no real return. The reality is that these upgrades usually contain significant improvements in security as vendors seek to close security vulnerabilities and also address new emerging threats.  If you don’t upgrade you leave yourself open to being exploited.
Build “security in depth” Modern cars don’t rely on one safety feature. Modern cars have multiple safety features from seat belts, to crumple zones to air bags.  It’s the same in modern system security. You need to deploy multiple ways to detect and deal with potential security breaches. We call this security in depth.
Build digital competency For most organisations the greatest security weakness is your staff.  They simply don’t know how to keep themselves and their organisation safe in the digital world and organisations don’t systematically invest in upskilling their team in the required skills. We don’t let people drive if they haven’t demonstrated their knowledge of the road rules or their basic competence in the practical skills in driving. We should take the same approach to digital competency.
Know how you are going to recover As with driving, even if you do all of the above accidents still happen.  You need to be prepared for when you do have a serious security breach because it will likely still happen. You prepare by understanding how you are going to recover from this breach and get your business back online. You do this through effective IT disaster recovery planning and regularly testing your recovery plans through a variety of scenarios.
Actively consider and understand your tolerance for cyber security and risk Like all things in life reducing your cyber risk costs money. Also, the more secure you want to be the harder it is to innovate. Because innovation introduces the new and previously untried. By its very nature it is likely to expose a business to new and unanticipated risks.  You need to invest enough time and gain enough understanding to be able to define what your particular appetite for cyber risk is and the appropriate set of controls and mitigations you need to put in place to effectively manage your risk profile. It is no longer good enough to do the ostrich and bury your head in the sand and hope it goes away.

Do these things and you have set yourself up to be able to enjoy the benefits of digital in comparative safety and comfort.

Owen McCallABOUT OWEN McCALL//

Passionate about using technology to make a real difference to businesses, communities, families and individuals, Owen McCall has focused his career on understanding and answering this question: “How do you harness the power of IT to deliver value?”
An independent IT consultant, he is a former CIO of The Warehouse.

Post a comment or question...

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Other Articles by Owen McCall

Transitioning to agile? First prepare your environment

opinion-article |May 29, 2018 | Owen McCall

It may well be the corporate buzzword of the decade, but proper business agility is all about setting the foundations say Owen McCall…


Digital transformation_Fosbury flop_Owen McCall

Digital transformation, incumbents and the business model conundrum

opinion-article |May 23, 2018 | Owen McCall

What Uber, Amazon and the Fosbury flop can teach us about innovation…


S curve_Owen McCall

Why CIOs must master the S-Curve

opinion-article |October 2, 2017 | Owen McCall

Thanks to Moore’s Law the S-Curves in technology are frighteningly short, writes Owen McCall…


Shadow IT: Not a new thing and nor is managing it

opinion-article |April 26, 2017 | Owen McCall

Many IT organisations are strong on wanting a mandate as a way of eliminating shadow IT – but it won’t work, says Owen McCall…


Desired outcomes technology projects

Outcomes don’t depend on where you begin

opinion-article |February 8, 2017 | Owen McCall

IT teams and professionals should focus on desired outcomes, rather than mire themselves in the problems of the day, says Owen McCall…


Gartner hype cycle

Of love, hate and the Gartner Hype Cycle

opinion-article |August 31, 2016 | Owen McCall

They’re great and they’re awful – find out why Owen McCall is ambivalent about Gartner’s Hype Cycle…


Experiment to progress

Failure is good. Yeah right!

opinion-article |July 14, 2016 | Owen McCall

Owen McCall says we should switch from ‘initiatives’ to ‘experiments’…


The problem with projects: not fit to deliver value

opinion-article |April 19, 2016 | Owen McCall

What do IT projects and fitness regimes have in common? Owen McCall exercises his theory of the business value creation process…


Digital competence

Driving digital competence

opinion-article |February 23, 2016 | Owen McCall

My daughter Sarah has just passed her learner’s driving licence…


erp disaster

When a disaster isn’t a disaster (and how to better deal with ERP implementation complexity)

opinion-article |October 28, 2015 | Owen McCall

Many years ago, writes Owen McCall, a contribution to a study on ERP implementation failures threw up a completely surprising response…


Processing...
Thank you! Your subscription has been confirmed. You'll hear from us soon.
Follow iStart to keep up to date with the latest news and views...
ErrorHere