IT Essentials: A cyber staycation

The UK made headlines in security news

IT Essentials: A cyber staycation

Big cyber news found us, unusually, staying in the UK's borders last week.

It's well known that you can wait ages for a bus, then three turn up at once. A few weeks ago I was moaning writing about the slow state of tech news, but it's fair to say that's no longer true - the buses have well and truly unbunched.

The UK recently made global headlines by banning devices from having weak default passwords - no more 'pass123', which will certainly boost IoT device security; though I think the bigger news is that manufacturers will have to tell buyers how long they'll provide security updates for each device. That's a big step towards boosting IoT longevity (nobody is buying a doorbell camera that stops working after six months) and, in a roundabout way, tackling e-waste.

We also saw UK cyber darling Darktrace acquired by private equity firm Thoma Bravo: another UK firm snapped by an acquisitive US company. Darktrace has taken a battering in the last 18 months; its stock price took a hit and it dialled back its marketing (a surprise to IT leaders, who had previously told Computing that the marketing department appeared to be better funded than Darktrace's R&D), making it a tempting target for private equity.

It's also been a busy time here at Computing, with two events to attend: one, by our partner the MES IT Network, in Orlando, and the other our annual Cybersecurity Festival in London (click here for our coverage). We've talked to CIOs, engineers, VPs and MDs about their ongoing projects, challenges and concerns, and the major point that stuck out was the human side of cyber.

It's clear that, technically, cyber is a semi-solved challenge. Attackers are always developing new exploits, but defenders are shutting them down faster and faster. Even concerns about AI were an afterthought.

More worrying was the impact cyberattacks have on people. We heard from former Centrica CIO Wayne Johncock about his experience falling victim to a scam - an emotional session - and a panel of experts discussed how to look after your staff in the wake of an attack.

That's more important than ever with the ongoing skills gap. As Sam Woodcock of 11:11 systems pointed out, "The number of job openings in cyber is huge, and the number of people who can fill those gaps is small. Looking after their mental health is to your competitive advantage."

One Festival delegate pointed out to me that we're quick to blame in cyber (something else that needs to change), but we don't celebrate success enough. Even in a day of standout moments, that one stayed with me.

The IT skills gap is a persistent problem. The industry is trying to tackle it at all levels with new recruitment strategies, but less effort goes into retention. That was the subject of a passionate - sometimes fiery - panel at MES Spring in Orlando.

Former GCHQ chief Robert Hannigan told Penny Horwood that, despite some very concerning trends in UK cyber, he's overall optimistic about the state of the industry - a rare bit of good news when it comes to the sector!

And if that wasn't enough cyber news for you, we've announced the winners of the Security Excellence Awards. Congratulations to all who took the stage!