What Brexit Means for the Cyber Security Industry
By Carolyn Crandall, CMO
Zhou En Lai, China’s first premier, when asked in 1972 about the long-term impact of the French Revolution, replied, “it’s too early to tell.” While this anecdote may or not be urban legend, the sentiment also applies to Britain’s recent vote to exit the E.U.
The immediate results are clear, Prime Minister David Cameron has stepped down and the pound plunged to a 31-year low – its biggest one-day loss in history. However, Britain’s government quickly stabilized and the pound has at least somewhat recovered. As Britain’s new prime minister puts in place plans to begin disengagement, organizations around the world are asking, “How will this impact us?”
With an increase in the frequency and severity of cyberattacks around the world, and the upcoming formalization of the U.K.’s General Data Protection Regulation (GDPR), individuals in the cyber security industry are anxious to see what the implications (if any) of the Brexit vote will be. Across the industry, opinions on this topic vary with most thinking there will be no negative implications, while others are more wary.
Brexit: Nothing but a blip on our radar
According to a recent Tripwire poll of information security professionals at InfoSecurity Europe 2016, 64 percent said that there would basically be no change as a result of an exit vote. Vice President of EMEA, Neil Harvey stated, “Most information security professionals appear unconcerned with the impact of this referendum on U.K. cyber security.” Harvey went on to say, “This could mean that they believe that the U.K.’s approach to cyber security won’t change significantly either way, but it’s also possible that E.U. hasn’t provided enough transparency around the impact of new regulations in the near term to make a difference to professionals that grapple with these issues every day.”
A primary security concern that has been brought up revolves around the much discussed (GDPR), and whether it will still go ahead. This regulation, which was established to strengthen and unify data protection for individuals within the E.U., is one that many are lauding since it will put users back in control of how their data is used. However, many infosec professionals believe that this regulation will likely to go ahead, since it will become law before the U.K. leaves the E.U.. In addition, many believe that the (GDPR) will go ahead since it enables easy trading between the U.K. and Europe, eliminating the need for U.S. companies to move servers to conform to GDPR.
Brexit: Contributor to the shrinking cyber security labor pool?
While a significant number of cyber security professionals seem unfazed with the recent vote, there are those who are more skeptical.
Some point to Britain’s already dwindling labor pool, which they believe will be impacted. According to ABI Research, “The tech industry, and cyber security notably, is experiencing a painful shortage of professionals. By opting out of the single market, and free movement of people, the U.K.’s labor pool could shrink considerably.”
Additional concerns with Brexit’s possible impact on the cyber security industry include:
- The relocation of cyber security firms to other EU countries.
- How the U.K. government will allocate funds to the British and European cyber security start up community.
Only time will tell what the long-term implications of Brexit will be for people and organizations. However, it is important for organizations to be prepared for the devious hackers hoping to take advantage in this time of uncertainty. The Attivo ThreatMatrix Deception and Response Platform is critical to an adaptive defense security posture and early detection of in-network threats within user networks, data centers, clouds, ICS-SCADA, and IoT environments. As Brexit negotiations continue to take place and standards set around cybersecurity, it is imperative for organizations around the world to have a modern security infrastructure that adequately protects, efficiently detects advanced attackers, and accelerates the response actions when under attack. This form of adaptive defense for continuous threat management will provide the best protection during times of transition and in a world where new attacks and techniques appear by the minute.