David Blunkett: Tech industry must change on cybersecurity and women
The under-representation of women in the tech sector is not evidence of women’s lack of interest in technology, says former British home secretary
David Blunkett: ‘The mind-set is almost that cyberattacks are what happen to other people’
A career politician and former UK government home secretary with a recently bestowed peerage of Baron of Brightside and Hillsborough in the City of Sheffield, David Blunkett might not seem an obvious advocate for cybersecurity best practice and women in technology. But these are causes are the forefront of his mind since he was Head of the Home Office from 2001 to 2004, and the reason he spoke at the recent DataSolutions Secure Computing Forum (SCF) 2017 held in Dublin.
“Back in 2002, which is a long, long time ago in technological terms, the British government including the Home Office were not really up to speed on what was happening. They were sending unencrypted emails to embassies abroad, making it easy both for traditional espionage, which countries have been up to since time immemorial, and more dangerous threats.”
Blunkett suddenly thought “We have to get on board with this”, which was when he met Northern Irishman John Lyons, chairman and founder of the International Cyber Security Protection Alliance (ICSPA), a not-for-profit cybercrime awareness organisation established in 2010. Six years prior to this, Lyons had created Get Safe Online, the first ever UK national infosec awareness campaign for internet users.
“He got me interested in the fact that individuals were doing all sorts of things with technology without thinking for a minute about their own privacy and security – but it then developed into questions of what cybersecurity means for business, for government, and even law enforcement because John had been in the UK military police.”
This is when Blunkett was persuaded by Lyons that the ICSPA was a worthwhile initiative before going on to chair Lyons’ Cyber Essentials Direct, a company offering online security compliance certification to SMEs as well as tools to audit the “cyber health” of other companies in their supply chain.
“Companies can forget that everyone they contract with is a potential risk. It’s a bit like in the past people having wonderful locks on the front door of a building and forgetting that the boiler room was a point of entry as well,” he explains.
Relatedly, the theme of Blunkett’s SCF 2017 talk, he tells me, was: “It’s nothin’ to do with me, guv”. He fears that both individuals and businesses often think of data security as something someone else will take care of for them.
“In most transactions on a day-to-basis, the security offered by Microsoft or Google is perfectly adequate. The problem is when people are banking online or using their own devices when they’re working from home and so on; it’s where there is a very real risk of opening up IT systems to vulnerability, especially when it concerns data that other people might misuse.”
He acknowledges that there has been increased awareness over the past few years following publicity around major data breaches but awareness does not necessarily translate to people taking the appropriate measures. The mind-set is almost that cyberattacks are what happen to other people. “Companies need to treat data security more like they do health and safety or fire risk,” he adds.
Having been a panellist (“the token bloke”, he says with a chuckle) at a recent debate on women in engineering, hosted by Jaguar Land Rover and in the company of successful female engineers including Benita Mehra, President of the UK Women’s Engineering Society and Imogen Pierce, Aerodynamics Engineer at Jaguar Land Rover, Blunkett was also keen to talk about gender equality in the technology sector.
“I learned quite a lot from the discussion during and after the panel,” he says, including the feeling among many women that they are judged more harshly during team meetings than men, making them more reluctant to pitch ideas or speak up.
Blunkett agrees with the belief that gender roles are shaped very early on in childhood and in the classroom, and that this has repercussions that may explain why there are fewer women – and even fewer senior women – in the tech sector.
“We are all affected by our environment, we are bound to be. I may be wrong but I think there is something about the way in which boys are treated that increases their confidence and even if they’re wrong they’ll have a go, it doesn’t put them off. Women are much more subject to introspection.”
The under-representation of women in the tech sector is not evidence of women’s lack of interest in technology, he says: “I think it’s the nature of the business that puts women off, like men (in male dominant environments) behaving in laddish ways. It is the tech industry that has got to change, not women”.