July 24, 2013 11:05 pm

Data sharing would help to neutralise the cyber threat

  • Share
  • Print
  • Clip
  • Gift Article
  • Comments

The threat of computer hacking is one of the critical business issues of our age. A shadowy army of geeks probes corporate defences, seeking to profit from their weakness.

IT consultants, in other words. The fear of hackers, stoked by such initiatives as a “cyber governance health check” endorsed by MI5, is their biggest marketing opportunity since the Y2K panic.

This millennial cult prophesied that a bug would activate on January 1 2000, triggering a worldwide systems outage. Governments and businesses spent over $300bn on fixes but Doomsday was marred only by hangovers for party goers.

IT consultants said this proved their worth. Cynics said that was like a Londoner who owns an elephant gun boasting of its deterrent effect because no one ever saw an elephant in Stoke Newington.

There is a danger of splurging on cyber defences because the threat is nebulous and highly hyped, like the Y2K bug. The difference is that hack attacks against companies occur regularly. It is unusual to admit to victimhood, as Lakeland, a small kitchenware retailer, has done. Large listed businesses hide their vulnerabilities.

That is understandable but unhelpful. By pooling information, companies help each other respond proportionately. The Securities and Exchange Commission has been chivvying US businesses to disclose more hack attacks. UK counterparts should follow suit. Security companies contribute more by signposting individual threats – as BAE Detica did with the Chinese APT1 cyber attack group – than publishing scary loss estimates.

The requirement for chairman to fill in MI5’s hacking questionnaire is well-intentioned. But there is a risk the less digitally-inclined will think it is a survey on horse riding.

Sins of omission

Royal Bank of Scotland has been fined £5.6m for cocking up deal documentation and failing to report transactions over five years. But who among us has not occasionally got a decimal point in the wrong place? And everyone has a drawer where they stuff correspondence they never quite get around to dealing with.

Admittedly, RBS’s drawer is pretty capacious, containing 804,000 unsent notifications. Though that figure is dwarfed by 44.8m transactions whose records were scrambled. Holier-than-thou types would say this was further evidence of incompetence and management weakness after last year’s systems outage.

But RBS has had a lot on its mind, what with ABN Amro, the credit crisis and the need to camouflage a politically-incorrect investment bank from public view. Sometimes it just never seems to stop.

Outgoing chief executive Stephen Hester probably has a cardboard file with “Stuff To Sort Out” written on it that he takes home at weekends but never opens. Because there is always so much to do in the back garden – a rosebush to deadhead or a mountain range to move three inches to the right.

Some people suspect that Mark McCombe, the external frontrunner to succeed Mr Hester, dropped out of the race when news of his candidacy forced him to commit to current employer BlackRock. The real reason, one surmises, was that he realised Mr Hester’s “Stuff to Sort Out” file would be waiting for him on his first day in the new job. That, and plans for a politically-motivated £80bn toxic asset carve-out.

For whom the bell tolls

The fire alarm at Aviva’s City HQ, formerly tested at 4.30pm on Fridays, now goes off on Monday mornings. This small change is emblematic of a bigger shift at the insurer, where troubleshooter Mark Wilson replaced Andrew Moss after a shareholder revolt.

Human beings are creatures of habit. This is a challenge for new broom bosses who want to ginger up the staff of struggling companies. So you review strategy and shuffle the pack as everyone expects. But altering one aspect of workplace routine is another way of showing that the phrase “business as usual” no longer applies.

A 4.30pm bell triggers Pavlovian assumption that it is home time, especially on Friday, which in the City is POETS Day (Potter Off Early, Tomorrow’s Saturday).

Mr Wilson, formerly boss of Asian insurer AIA, has committed to reduce costs by £400m. Observers expect him to commit to deeper cuts at annual results on August 8. The shares have tracked the FTSE-100 since Mr Wilson started and he has much to prove. But the Monday bell suggests an intolerance of organisational inertia which, like the clamour itself, should make staff sit up straighter.

Copyright The Financial Times Limited 2015. You may share using our article tools.
Please don't cut articles from FT.com and redistribute by email or post to the web.

  • Share
  • Print
  • Clip
  • Gift Article
  • Comments


Sign up for email briefings to stay up to date on topics you are interested in

Enter job search