CYBER RISKS AND DATA MANAGEMENT:

The hidden risks that could destroy your business

Protect Yourself with AON: Half Day Seminar

When: Wednesday 5 March 2008 - 9am - 1pm (lunch included)

Where: The Honorable Artillery Company

Armoury House, City Road, London, EC1Y 2BQ

I was delighted to receive an invitation to speak at this seminar, hosted by AON, the insurance people and designed to raise awareness about the risks around Data Loss and ID Theft. Mainly because there was a buffet lunch with wine.

I think they asked me along because somebody had seen me on the ten o'clock news filling in for the real experts and had scribbled my name down on the back of a lottery ticket because they had this security seminar coming up.

Not wishing to be found out as one of the frauds or charletans; better known as marketing managers, I took along a chum from the technical department who knew his stuff.

The venue was the Honourable Artillery Company, which has just been refurbished with a similar colour to the paintwork in my back lobby and was emblazoned with stuffed animal heads, regimental colours and guns galore. Charlton Heston would have been very much at home within it's hallowed halls.

There was a good turn out of people and I was second in to bat, following an American Vice-President (aren't they all) who was, shall we say rather confident. Stepping up to the podium, I thought this must be how Tony Blair felt every time he followed George Bush's war against terror speeches. Except I had no intention of agreeing with the guy who'd spoken before me, I felt it best not to acknowledge that he's spoken at all. After all, a great comic never thanks his warm up act, and if there's one thing this lot were going to do during my presentation, it was laugh - probably at me.

I had chosen for my theme, the received wisdom that the collation or more and more national databases, each one bigger than its predecessor was not necessarily the best way to protect the confidential information of businesses or the private citizen. I deliberately avoided any partisan conclusions but presented the issues as I understood them and raised a lot of questions for the audience to ponder on. Whether the database be for ID Cards, the NHS, DNA, all school children or our banking records, the more sensitive information that is kept about us and the more people who have authorised access to it, the more danger there is that the systems will be compromised. The Daily Mail readers often carp on about how if you've nothing to hide, then you've nothing to fear from records being kept about you but I don't agree. The most innocent of people still have plenty to lose if a database with their personal records on is deliberately hacked or accidentally lost and the information is sold or falls into the wrong hands. Together we examined the alternative approaches taken by other countries in the west and then looked at how the UK's legal and regulatory ladscape might change in the near future. Although it was sprinkled with well received gags, the presentation was on the whole cogent and provocative, even if I say it myself. I was then followed by my technical chum who approached the subject from the user perspective and pointed out ways in which individuals can protect themselves. He then showed a number of examples on social networks, blogs, shopping sites and the like of how people give away information about themselves which could be used to steal the identity of the user. All these examples were sanitised and his piece de resistance was to point out they all belonged to people in the audience. On that bombshell, our work there was done and we both sat down.