The discussion this morning on the Today Programme between Deborah Hallett from 90% and Lord Haskins, former chairman of Northern Foods illustrated why the public should not trust what the food they buy from those who rely on purely electronic data as to what is happening in their supply chains.
Without reports of physical inspections by those who can be trusted, which may well be sent electronically, (provided the authentication is fit for purpose), we can have no more confidence in what is claimed with regard to contents of our beefburgers than in claims about the performance of our hospitals.
We see trust in traditional brands being destroyed as they are sold to “front” cost-cutting, outsourced operations with tick box, contractual controls (which may bear little or no relation to reality) at the same time as we are expected to trust new brands on the basis of Internet ratings which may have been generated by a botnet.
Who is serious about wishing to rebuild trust in the on-line world, as opposed to herding the sheep on-line to be fleeced? It is now over two years since I started blogging on this topic.
We appear to have over twenty Universities interested in participating in a competition for Masters’ Dissertations on how to improve confidence in on-line products and services.
Now comes the interesting task of turning industry interest into active sponsorship.
The first to agree a budget has an unashamed objective of trawling the entries for interesting recruits to help improve the security of its product lines. It will be more than happy for its support to be announced when we go public (on March 10th).
The second, who will wish to remain anonymous lest they become a target for attack, is looking for credible answers that it can support with practical action.
The third, which has yet to agree a budget, has unashamed marketing objectives behind a mask of corporate social responsibility.
But the problem is not confined to the private sector.
Until we have restored confidence in public sector data any wet dreams of digital by default will remain just that.
On Friday I was discussing some of the implications this has for the long overdue plans for overhauling our information security skills frameworks, including to improve accuracy, reliability and resilience – not just to preserve cybercrud in aspic.
I am reasonably optimistic that the plans likely to be announced in a couple of weeks time will get a positive rsponses from private sector employers. But will the public sector follow suite? How do we engineer the political pressures to ensure that it does so, without further damaging confidence? Or is further loss of confidence inevitable and a price worth paying in the longer term?