In the cyber war room, troops from the C-suite ignore the threat at their peril

When your CEO starts talking about Cyber threats to the business it might be unnerving to some; when the boss rolls up her sleeves, learns to code computers and starts to build workflow technology systems to mitigate the risk of fraud and cyber-attack you know they’re pretty serious about security.

This may sound like a scene from a James Bond movie, in which M reveals his latest explosive contraption much to the amusement of 007. Enter stage left, the British Tweed loving serial entrepreneur and child of the Soviet Union, Jurga Zilinskiene who gave a pioneering talk on online security for businesses at Internet World, the flagship event of this year’s London Technology Week.

£42 billion loss straight ahead!

Her talk entitled ‘The importance of getting the right technology to protect your business, whatever the size,’ Jurga whisked the audience off on a journey back to the days of the cold war to appreciate the skills that were born behind the impenetrable iron curtain.

Advocating respect for your enemy and an appreciation of their capabilities, her focus on the threat from organised crime was a bugle reveille to the troops in business. Whilst cybercrime is estimated to cost UK businesses a staggering £21bn a year (which may be just the tip of the iceberg),

Jurga reminded the assembled crew that another ice monster lurked alongside it: Fraud. The now defunct National Fraud Authority estimated that fraud against UK businesses is a morale melting £21bn too!

Clever criminals can do dangerous things

Turning to those responsible for this Fraud and Cyber invasion of businesses in the UK Jurga reminded us that whilst resistance against a state-sponsored cyber-attack may be futile, constant vigilance and effective battle plans can protect us from others.

Europol estimate there to be over 3,600 active crime groups operating in the EU, and fraud and cybercrime are viewed as their passport to riches. Unsurprisingly, many of these technically skilled villains learnt their trade back in the USSR because as Jurga cheekily admits,

“The strict Soviet education system produced some brilliant minds”.

One might think the organised gangs would be dispersed evenly across the vast expanse of Europe but that is not the view of the Royal United Services Institute. Analysis from this respected think tank suggests that of the 600 major investigations currently being pursued by Europol, half have links to Britain. That would mean around 1,500 gangs are currently targeting the UK, making it in line to become the crime capital of Europe.

Add to this to the threat from rogue staff like Kweku Adoboli, the young City trader at UBS who nearly broke the bank with his reckless loss of £1.4bn; the evolution of computer virus’ like Heartbleed; and the business impact of fines and money lost on unnecessary measures and cyberwar profiteers and the battlefield is the cyber equivalent of the Somme in winter.

vault

Protect your Maginot Line

With the undertones of stoic Churchill and the vivacity of Vera Lynn, Jurga presented her battle plans; a blend of what she described as

“Effective measures to manage your Maginot Line”.

To prevent the enemy circumventing your defences, Jurga spoke of the vital importance of firewalls, patches and testing and not forgetting that secret papers and pen drives can easily find their way into hostile hands when no one is looking.

An advocate of the UK Government and Crest approved Cyber Essentials scheme, she points out the scheme is a must for most businesses; but there is more to consider if we are to adequately protect our businesses with the right systems and technology to mitigate the risk.

Effective cyber and fraud prevention systems allow staff the freedom to access the information they need to do their job. Importantly, they also have the capacity to monitor activity and detect inappropriate behaviour. Jurga cites the Systemskan tools from DTex as an example of real time monitoring, big data analytics and detection capabilities.

For those looking for cloud managed security services for she stressed the importance of working with a partner who understands all the Common Criteria for IT security evaluation like global specialists CSC. Turning the spotlight back on the physical environment, she also sees the value of traditional security measures using CCTV and alarms to protect her own secure business hub in the City of London.

Located close to the Bank of England, the hub provides the ideal base for her firm’s secure translation offering. She describes these technical and physical security measures a protective shield that gives you a 2 minute warning of attack and when they sound, you have to be ready to respond.

If you can’t find a solution, build one

So you’ve assessed the threat and risk to your business and know what technology is available on the market to protect you but what to do if there isn’t a system to suit your business. Jurga’ answer is,

“If you can’t find a solution that suits you, make one”.

And that is precisely what she did. Frustrated at not being able to find a technical solution that matched the efficiency of her workflows she learnt to code and built QCS+, an incredibly powerful management system. With detailed audit trails and reporting capability the solution has achieved a paperless office in a sector that could produce enough paper to singlehandedly destroy the Brazilian rainforest.

It is small wonder then that in June 2014, Jurga’s company Today Translations became the first specialist translation company to achieve ISO 27001 data security certification for its global operations. Putting in place 133 controls and passing independent audit with a commendation and without a single non-conformity is remarkable.

In all my years in the international corporate world I’ve met many C-suite executives who have managed to retain a close connection with the front line despite rising high up the ranks. I met others who have developed new technical skills to support the business but I have never met a leader so in touch with the systems of her industry and the ability to learn computer code to solve business problems.

Anyone wondering where to begin in the fight against cyber criminals and fraudsters would do well to listen to the sound advice of this bright young former Soviet.

You can also download Jurga’s presentation here.