No one will ever forget 2020. Here, Julian Cracknell reflects on the disruption, threats and innovation which have shaped the year gone by
What a year. A year of change, a year of tumult, a year of challenges large and small.
I’m writing this while poised to emerge from my own quarantine period – I recently received a positive test but, thankfully, no symptoms. I’m well aware, though, that many others have been nowhere near as fortunate.
The pandemic will no doubt continue for some time to come but we must also recognise that the world keeps turning. Globally, there are many differences between organisations and their missions. But we have seen a lot of similarities in how organisations have adapted to COVID-19, in terms of both ways of working and technologies being used.
We’ve seen this accelerate many existing digital transformation programmes across the world. These change programmes have highlighted the need for organisations to be able to respond quickly to change.
A disruptive accelerator
We’ve been working on digital transformation programmes with our clients for years and I see the pandemic as a disruptive accelerator in this instance.
“Disruptive”, in that it has forced organisations to change, in a matter of weeks, to move to a remote work force with different ways of working. But definitely an “accelerator” as well. Many organisations have been moving to enable remote workforces for the last few years. This has been driven by wanting to give people more flexibility in their work / life balance, cost of working on public cloud being lower than private networks, and cyber security processes maturing to enable hosting of sensitive data on public cloud.
Remote working for some organisations, however, can be much harder, especially those which are used to dealing with classified or very sensitive data, spread across multiple networks and geographies. How do teams work effectively across different classifications? How do secure organisations reap the benefits from a hybrid cloud model?
We’re working with organisations across the globe to help address these challenges. A lot comes down to organisations understanding their business and cyber risks, vs the benefits that modern technologies can bring. And it’s about balance. Balance, so that organisations can move from a risk averse to a risk managed culture.
Personally, I don’t see organisations moving back to how they worked back in March – we’ll see some shift back as the pandemic eventually subsides, but organisations have proven they can adopt different and more modern ways of working and can continue many of their business functions or mission efficiently.
On permanent cyber watch
Pandemic or no pandemic, global cyber threats and technology changes continue to be a permanent feature of the landscape.
From a risk perspective, the biggest cyber threat we continue to see across the world is ransomware. This obviously isn’t just about users not being able to upload their runs from Garmin to Strava – it’s causing millions of pound of damage in lost revenues and affecting live services for citizens.
This year, we’ve seen ransomware attacks evolve to not just be about demands of paying a ransom to decrypt your organisation’s data - a ransomware attack will now typically include theft of data, and threats to publish that data online if the ransom isn’t paid.
Our Threat Intelligence team describes a “Perfect Storm” – a combination of better collaboration of criminals, ransom payment being seen as more acceptable, and possibly even encouraged in places by some cyber insurers which fuels the cycle, and critical vulnerabilities in commonly-used public-facing infrastructure being exploited to start many of the attacks.
Our incident response team has had to respond to multiple incidents of ransomware in hospitals, state governments and industry this year. In terms of the threat landscape from state-sponsored actors, we initially noticed a slight drop in activity coinciding with the onset of COVID-19 – but that soon returned to normal as the criminals and state governments quickly adapted, and our threat intelligence team is tracking plenty of active campaigns in this area. No wonder my colleague Mary Haigh has concluded that from a military perspective, cyber has become as important as the traditional domains of land, sea and air.
We’ve also seen that organisations are wanting to bring in a lot more innovation and agility. They want to rapidly evaluate and exploit new technologies from start-ups and universities, avoiding long procurement cycles, and get benefit out to users quickly. As well as new voices, success also demands new approaches – an agile methodology combined with an agile mindset that embraces far more than just technology.
The challenge many organisations find with innovation is how you “bottle” what you can achieve in times of national crisis. We passionately believe that we can. By fusing an innovative culture, domain knowledge and desire to make a difference, there’s no stopping us.
About the author
Julian Cracknell is Managing Director of BAE Systems Applied Intelligence
Explore more content from our Global Executive Client Forum
Opportunities and challenges associated with Cyber Defence, Digital Transformation and supporting the National Security MissionFind out more
- The Cyber Threat: before, during and after lockdown. No sector of society has proved immune to the spiralling effect of Covid-19 – and that includes cyber security. With the kaleidoscope shaken and pieces still in flux, Adrian Nish examines its impact so far
- Cloudy with a chance of Transformation. Cloud computing has rapidly become an accepted and widespread feature of the IT landscape. But Andrew Williams explains that challenges still remain – not least when it comes to security and skills…
- The drive for Digital Transformation. Digital transformation is not a destination, but a journey, and one that can require you to traverse some challenging terrain. Here, Sandy Boxall and Rob Clifford explain why only the careful orchestration of people, process, technology and culture will get you moving in the right direction
- Fast moving clouds ahead. Cloud computing has been around for years, but fully deploying it within government and critical national infrastructure is no small feat. Chris Poole takes a look at what might be done
- Digital transformation is about culture, innit. Mivy James explains why digital transformation isn’t really about the technology at all, it’s about culture and ways of working
- Disrupting national security for the better. Is national security really the right place for innovation and disruption? Actually, yes, suggests Miriam Howe. We’ve just got to tread carefully…