Yesterday morning, at the awards ceremony for the Cyber Security Challenge “Can you talk security” competition, our BT host described Skyfall as a blockbuster careers advice film for the brightest and best of the younger generation. He quoted the new “Q” describing James Bond as a dinosaur “I can do more damage on my lap top in my pajamas before my first cup of Earl Grey than you do in a whole year.”
Visit the Skyfall website and watch the clip of James Bond meeting his new Quartermaster. Those who bleat about the lack of realistic careers guidance should focus on joining up the dots on how Q got his job. They should also watch his chagrin when he learns that an old-time hacker (same vintage as James Bond) breaks his network security wide open. One of the supposed teenage hackers arrested during the investagation described in Misha Glenny’s Dark Market was in his 60s, waiting for a hip replacement and asked to put his teeth in before he was taken to the police station.
But Skyfall does much more. It is also covers the three top tips that are missing from the CESG Executive Guidance on Cyber Security (and all other guides produced by mainstream security experts):
1) Do not put all the crown jewels in one database: whatever the claimed security etc.
2) Do not link all your networks together: whatever the claimed security etc.
3) Take good care of potentially disaffected former employees. They are your biggest weakness
CISOs who claim their Board does not understand the importance of cybersecurity should tell them to watch Skyfall with their grandchildren. The CISO should then be ready to lead a discussion on what “M” should have done in order to go out of office with pride – instead of seeing her reputation for competance trashed and having to retreat to a communications not spot to die in the arms of her favourite, but now ageing, toyboy.