The defence secretary’s recent warnings of increased cyber-warfare from nation states and other actors, determined to threaten the UK’s infrastructure, must be a wake-up call to the engineering profession. As we rightly reap the benefits of advanced technological interconnectivity and the rise of Industry 4.0, we must also be vigilant to the dangers that we face now and in the future. Cybersecurity can no longer be an optional extra for engineers; it must be a core competence of the profession.
When you think of warfare, what do you think about? Planes, tanks and ships? While still relevant, this is becoming outdated. An attack on a nation’s infrastructure is increasingly likely to come from a cyber-attack. Imagine the capacity of an aggressor to affect a nation’s manufacturing plants and machines, to compromise the security of products, production lines and supply chains.
Engineers need to focus on not just developing and maintaining technology, but increasingly need to understand and predict cybersecurity threats. But what do we mean by cybersecurity threats? Too many people think of cybersecurity as a virus on our computer – “it’s ok, my company’s IT department is in charge of the firewall and I have got the latest anti-virus software installed.” It is much more than this.
As engineers we specialise in bringing component parts together, often from across the world, to develop a new product. There are many questions we now have to ask ourselves. Do we understand the security behind those components and how secure they are during their lifecycle? How secure are the materials we are using and can they stand up to threats not just now but in the future?