Cyber-attacks and staying private

Cyber-attacks on banks have been high-profile news in the UK.  £1.3 million was taken from Barclays when a computer was hijacked, while police foiled a similar plot against Santander.The Bank of England's policy makers have responded, drawing attention to the ‘potential vulnerabilities' in the banking system, including old and complex IT infrastructure and a reliance on centralised systems.Concern about a lack of preparedness against cyber-attacks was also expressed at a recent London meeting of information security risk and management professionals. Delegates discussed the ‘perfect storm' of cyber-security risks - the widespread adoption of social media, cloud services, mobile devices - combined with the proliferation of unstructured data.  Potential risks to organisations include intentional or accidental data breach; social media account hacking and identify theft.  (Government figures for the cost of cyber-security breaches have been discussed previously on this blog.)The UK is a global leader in identify fraud.  Fraud is said to have cost the UK over £70 billion in 2012 and nearly a quarter of residents have fallen victim to some form of identity fraud.Staying privatePersonal data is ‘the new oil of the internet' according to the World Economic Forum. Increasingly sophisticated criminals are using the information and data we share to develop ‘spear-phishing' targeted email campaigns or are able to glean personal details such as pet's names or mothers' maiden names which can be used to answer security questions.As information professionals we are well-placed to help our organisations - and individual colleagues - understand the new information landscape and to help them stay safe and secure.Phil Bradley is speaking about Privacy (session C103) in a special session at this year's Internet Librarian International conference.Val on Google+