At a recent Eskenzi PR off-site day, we spent a sunny afternoon discussing a group of surveys which various clients were commissioning. We used our collective opportunity for hive-mind to try and work out some interesting angles in the increasingly crowded field of security surveys.
This sparked an interesting discussion, and one which has been reverberating around my brain ever since: How can we make the average person on the street care about cybersecurity concerns, when there is all of the other horror to contend with?
Those in the industry realise that, for enterprises and for nation-states, cybersecurity represents nothing short of an existential threat. A ‘Category 1’ cyberattack on a nation could leave critical national infrastructure unable to function, which could in turn wipe trillions off of a nation’s GDP, leading to untold harm, death and destruction. For a business, a failure of security can mean their total collapse. While these issues are self evident to those of us in the industry, to those on the outside, links to real life can seem gossamer-thin, verging on non-existent.
What does not seem non-existent to most people however, is everything else. As I write, the Taliban have taken control of the final Afghan province, solidifying their claim on the government of a nation into which the international community poured trillions in funding, not to mention thousands of lives. The climate crisis threatens not just our economies but the very fabric of our existence on this planet, and no serious opposition seems to be mounting against this unprecedented global catastrophe. The Covid19 pandemic rages on, and has cost a reported 4.55 million deaths globally, with more to come and countless more unreported. While every generation thinks they are the last generation, none can make such a convincing argument about this as ours.
So among this backdrop of death, despair and helplessness, how can the security industry make their voice heard and understood. To my mind, this is about empowerment.
The hopelessness of the global issues outlined above is the permeating factor that defines how most people react to them all; There appears to be very little which anyone can do about any of them, which adds to the sense of hopelessness surrounding them.
Security is not like that. The industry needs to make the case that as Internet users, as employees, and as active participants in our democracy, security is something that we can at least attempt to make a tangible difference in. Ensure that you’re considering your own security posture in your personal life, and do the same in your business life, whilst also encouraging your organisation to do the same. As a voter, make sure that those writing our laws into power understand the importance of security, and will take the appropriate action on both the nation-states and the private companies who make the choices to weaponize security for their own political or financial gain. Security needs to be labelled as something you can actively contribute to in a positive way.
It would be deeply reductive to suggest security is as important as the climate crisis, and it would also be reductive to suggest that individuals cannot do anything about that either: Lobbying, protesting and lifestyle choices all make a difference. However, security can be repackaged and made into something more tangible, more accessible, and something which individuals have more direct agency over. Then it could be possible that the industry can make its voice heard above the noise.