Held at Manchester’s Etihad Stadium, the Chartered Institute of Information Security’s conference attracted many top voices in cybersecurity, business leaders and people from government circles. The event generated discussions on the challenges and opportunities within the cybersecurity sector ranging from the complexities of regulating online social media platforms to the challenges of cybersecurity in the […]
Held at Manchester’s Etihad Stadium, the Chartered Institute of Information Security’s conference attracted many top voices in cybersecurity, business leaders and people from government circles.
The event generated discussions on the challenges and opportunities within the cybersecurity sector ranging from the complexities of regulating online social media platforms to the challenges of cybersecurity in the space industry.
TechInformed was at the event live to cover some of the key sessions and engaged with prominent voices to gather exclusive insights. Here’s a detailed summary of the key takeaways from some of the sessions and speakers.
Tech giants must self-regulate or face sanction or outright ban
The panel discussion titled “Can we call time on TikTok?” included Stephen Bonner, deputy commissioner at UK data watchdog ICO and solicitor and partner David Cook a partner at Manchester legal firm DLA Piper, which specialises in cyber and privacy disputes. The panel opened with a discussion on the worrying trend of social media platforms like TikTok capitalsing on users’ trust to mismanage their data.
With TikTok already banned on government devices in 32 out of 50 states in the US and on government electronic devices in the UK due to spying allegations, it’s no surprise the panelists dwelled so much on the dangers that the platform may pose if not adequately regulated.
The speakers addressed the apparent reluctance of tech giants like TikTok and Meta to self-regulate and raised questions about accountability.
While the ICO’s Bonner accepted that the social media app may have taken some measures to improve accountability, he did not believe that it had done enough to restrict access to underaged children.
“This alone poses serious risks, particularly to vulnerable groups, such as children, who can be exploited by not just local threat actors but by enemy states,” Bonner said.
With AI leaving its footprint on just about every software product, Cook feared that the application of AI on the app could lead to manipulation of user behaviour for business gains.
He also stressed that algorithms are generally designed to maximise user engagement, and on platforms like TikTok, this can contribute to addictive usage patterns. This constant stream of personalised content, notifications, and recommendations can lead to excessive screen time and potential addiction, he claimed.
Bonner’s advice to the public and young people was to treat social media platforms with caution and not necessarily assume that they were safe spaces.
Cook added that responsible tech companies should always be transparent on issues of information protection. This, he suggested, could be achieved through strategic data governance policies, which should be passed from the top to every member of the organisation.
Cyber threats are not confined to planet Earth
While most cyber sec conversations revolve around issues happening on our own planet, cybersecurity and space expert, Neil Sherwin-Peddie drew delegate’s attention to cybersecurity issues in outer space.
The head of space security at BAE Systems’ keynote session emphasised our growing reliance on space technology and the escalating potential for cyber threats in the competitive space race.
cybersecurity and space expert, Neil Sherwin-Peddie
Given the dynamic landscape of the international space race, wherein a myriad nations and private enterprises vie for supremacy, the imperative to fortify their competitive edge looms large. Consequently, the protection of satellites, spacecraft, and space infrastructure against varying levels of threat is growing.
According to Sherwin-Peddie, four main types of threats to space satellites include Kinetic physical (direct attempts to damage or destroy space- or land-based space assets); non-kinetic physical (when a satellite is physically damaged without any direct contact); cyber and electronic.
He further noted that cyber threats in space stem mainly from supply chains. “The supply chain is absolutely critical in securing our industry today. Components used for building spacecrafts can come from different sectors and require proper supply chain checks across the chains of suppliers down to every single object used in building a spacecraft,” he warned.
To mitigate cybersecurity challenges in the space industry, Sherwin-Peddie advised manufacturers and all stakeholders in the industry to know their supply chain and apply the NIST security frame, with emphasis on detect, respond and recover. He further recommended better standards for Low Earth Orbit (LEO) satellites by international, European and UK bodies.
Building resilience and partnerships expedites incidence response
Manchester University’s first CISO Heather Lowrie, was only a few weeks into her role when the institution experienced a major cyber attack.
Manchester University CISO Heather Lowrie
Lowrie hinted that success in dealing with the attack hinged on three major drivers: a coalition of external partners, in-team collaboration, and cyber incident response teams. She also highlighted the need to have a command structure in place around different teams.
“Not only on the cybersecurity incident response team but also our comms team, legal and regulatory team and our human resources team, getting that command structure in place right from the first day was one of the greatest benefits to us.”
Lowrie noted that in carrying out incident response, organisations should also remember to incorporate business continuity planning, operational resilience, and contingency planning in case of a recurrence.
To read more stories on cyber security click here
