In the UK on November 5, we celebrate ‘Guy Fawkes Night’ or ‘Bonfire Night’ often with fireworks and bonfires. Yet, had Guy Fawkes and his conspirators succeeded with the Gunpowder Plot in 1605 to kill King James I and his governmental officials, the country, its politics, religion and society, could have turned out very differently.
Thankfully, the intelligence that was obtained by the authorities helped avoid what could have been a catastrophic event. Parallels could certainly be drawn to the world of cybersecurity.
In our industry, we often rely on threat intelligence, security awareness and information to prevent attacks and future mistakes. Furthermore, given the current cyber threat landscape, which is turbulent at best, having the right knowledge in defending against cybercriminals is crucial.
Back in 1605, it was equally turbulent, with fractions in society stemming from King James I over religion. His council had to be vigilant to thwart assassination and kidnapping attempts.
If you look at security departments within modern organisations, there is a need for individuals to maintain a proactive alert mindset in the face of ever-evolving cyber threats. However, this same proactive mindset must be shared amongst the organisation so that it has a strong and positive security culture. The benefits of this will then flow throughout the organisation as it stays updated on the latest cybersecurity trends, best practices, and emerging attack techniques to effectively defend against cyber threats.
Sure, the Gunpowder plot failed because of an anonymous letter to Lord Monteagle, a member of Parliament’s House of Lords, which explained that the monarchy and Parliament were in grave danger. But this piece of intelligence heightened the awareness that danger was imminent. It was then leveraged, actioned, and through a collaborative effort, led to the discovery of Guy Fawkes beneath the House of Lords with his famous hat, black cloak and matches in hand.
Within cybersecurity, collaboration and the importance of collective effort can make the difference in successfully stopping a cyberattack. Just think how one anonymous letter saved Parliament, one employee reporting a potential issue can safeguard the organisation.
It’s why the promotion of information sharing within the industry in identifying and mitigating the latest cyber risks is so important. The technology might have changed but the way we operate hasn’t and we still rely on the same defensive methods and strategies to stay ahead of danger. If you are unsure of where to start, the NCSC has a host of guidance material that is regularly updated to help.
Moreover, there must be an emphasis on the shared responsibility and duty we have in protecting ourselves, our organisations, and our communities by practicing good cybersecurity hygiene. The same type of duty King James’ inner circle had to foil the Gunpowder plot. If we all don’t show a willingness to better ourselves and keep educated on the variety of scams in play, there is a serious likelihood we will most certainly fail victim to a cyberattack. The potential consequences are unimaginable and include compromised sensitive information, financial loss and long-standing damage for us and the companies we work for. In fact, 40% individuals have admitted to falling for a scam of some kind, with over 50% of these victims feeling a significant or very significant psychological impact as a result.
There is no denying that we are now consumed by the digital world so the significance of continuous learning, staying vigilant, and fostering a culture of cybersecurity awareness to protect ourselves, as well as our increasingly expanding digital environments, cannot be underestimated.
By Javvad Malik, lead security awareness advocate at KnowBe4