Project Smart ~ Exploring trends and developments in project management today

Calendar icon
Adobe PDF icon

How Much Will Cybercrime Affect Project Management in 2016?

~ By Brad Egeland

Security concept: Data Security typed on a digital screen

I recently posted some predictions for project management in 2016. One thing I didn't cover was cybercrime and cybersecurity. Cybercrime grew in public awareness and concern between 2014 and 2015, and there seems to be no let up if the number of articles and alerts about it are any indication.

Every year I attend the digital security conference in Las Vegas known as Black Hat USA. It's a hacker's dream conference with many briefings and demonstrations of the greatest digital and technological assaults from the past year. To say it's impressive is an understatement.

Not being anything close to a hacker myself - just a very interested bystander at this event - I've learned one thing for certain: ANYTHING can be hacked. Nothing is sacred - not even medical devices…even the ones inside a person's body - and the hackers are always going to be one or two steps ahead of patches and anti-hacking policies and actions taken by organisations.

We react and fix, but they're already plotting the next intrusion.

So, in terms of project management, what's in store for 2016? Are our projects and data at greater risk than they were in 2015? Are we taking necessary precautions to prepare for these risks? Can we - or do we even know - what they might be?

Let's dive into answering these questions:

What's in Store in Terms of Cybercrime and Cybersecurity for 2016?

My immediate answer for this is, "Who knows?" I don't have a crystal ball. It's like the terrorist activity going on in the world right now. Following Paris, and then San Bernadino in the US, I felt that London was the next obvious target for terrorist activity. That actually was recently the case - though on a smaller and non-deadly scale. But it's nearly impossible to predict unless you happen to be part of the organisations monitoring the Deep Web and social media activity for terror event alerts. The same is true of trying to predict cybersecurity breaches.

It's harder to predict the next cybersecurity breach than it is the next earthquake or volcano eruption. But we can be at least partially prepared through our own dedicated risk planning and management. We cannot cover everything, but we can plan for how we will go into disaster recovery mode. We can plan how we will respond to our customers' concerns and needs.

Are We in Greater Danger of Hacking and Data Breaches in 2016?

In my best opinion, from what I'm seeing around us and at conferences, the answer is a definite yes. Hackers and cybercriminals are always looking for their next targets. Sometimes for fun, sometimes for monetary gain.

If you're a big target with valuable data, you could be next. If you're a small organisation and your data has little monetary value, then you're probably safe - for now. But a small organisation whose customer data is compromised stands the risk of going out of business due to losing all its business as a result of customer insecurity.

Are We Taking the Appropriate and Necessary Precautions?

Probably not. As stated above, we should - at a minimum - be planning risk activity in terms of cybercrime events and how we will react. We should check and re-check our data backup processes and offsite data recovery options should a site or location become compromised or unusable. This is costly, yes, but it can be done at a higher organisational level in a way that's applicable to all projects.

In other words, do it once and do it right. Use that plan for all projects going forward until a certain hack renders those plans unusable. Then go back to the drawing board. Use national and international business and industry security breach events as learning moments and opportunities.

Do We Even Know What Precautions to Take?

Again, probably not. But as we become more aware, and create policies and possibly even our own cybersecurity infrastructure within our organisations, we can set up repeatable processes and actions that can be taken across all projects and for all incidents.

Summary & Call to Action

We need to be aware of the criminal world around us in terms of digital security. Do we need a digital security team in our organisation? Probably. Do we need to hire an expert? Possibly, though many are growing their own talent while they can still stay a bit ahead of the game.

If you aren't handling significantly sensitive data at the moment, then I recommend growing your own security talent from within, utilising the skilled resources you already have who are already familiar with your business processes and client needs. Start it off as a project with a project manager and team. The end solution can be the creation of a two to three member internal cybersecurity team and department.

Whatever you do, complete inaction isn't the answer. While you cannot know what cybersecurity threats lie ahead, you can and should be proactive.

What about your organisation? Are you currently taking specific measures to prevent data breaches on the projects you manage and the customer and internal data you handle? Have you experienced a significant cybersecurity incident? Please share and discuss.


Comments

Be the first to comment on this article.

Add a comment



(never displayed)



 
1500
Enter the word shark backwards.
Notify me of new comments via email.
Remember my form inputs on this computer.

Is Our Data Safe?

Security concept: many red opened locks around one closed blue lock

Following the annual Black Hat USA Conference in Las Vegas, Brad Egeland looks at the issue of data security and why we aren't paying enough attention to it.

Protecting Sensitive Project Information

Sign: WiFi zone with a small coffee cup

Three key suggestions to make yourself and your project and personal information safer when working from public WiFi hotspots.

The Top Five Software Project Risks

Colour risk blocks falling

A look at the top five software project risks identified in 'Waltzing with Bears' and how they have solutions rooted in Agile methods.

Project Risk: Is It All Bad?

Road warning sign - Risks Ahead

Risk Management is an essential part of any programme or project and can vastly contribute to successful delivery.

PROJECT SMART is the project management resource that helps managers at all levels improve their performance. We provide an important knowledge base for those involved in managing projects of all kinds. With weekly exclusive updates, we keep you in touch with the latest project management thinking.

WE ARE CONNECTED ~ Follow us on social media to get regular updates and opinion on what's happening in the world of project management.


Latest Comments

John Corbett commented on…
10 Rules of Highly Successful Project Management
- Mon 19 September 1:36pm

London Management Centre commented on…
Get Maximum Benefits of Merging Top-down and Bottom-up Project Management
- Mon 19 September 11:29am

Mikey commented on…
PMP vs. PRINCE2 Certificates
- Tue 13 September 2:24am

Latest tweets

General Project Management • Re: What do you think about instinctive managers? https://t.co/ZthJHn8jVH #pm #projectsmart about 2 days ago

Why Group Brainstorming Doesn't Work https://t.co/trKtZNtWp5 via @trello #projectsmart about 2 days ago

General Project Management • What do you think about instinctive managers? https://t.co/jpiKgiWLod #pm #projectsmart about 3 days ago