Do walls still have ears?

Back in 430 – 367BC it is believed that Dionysius of Syracuse was listening to people’s conversations without being in the room, he was actually some distance away from the unsuspecting individuals. By utilising a shaped cave between the associated rooms he was able to clearly hear conversations taking place and was able to gather information to not only better himself, but also protect him self. His answer to today’s system-monitoring software.

Over the centuries since, many societies have utilised this method with listening posts. There are examples today of such buildings, The Louvre in Paris and St Paul’s Cathedral in London. In Kent and other areas of the UK a similar principle was used in warfare, large concrete acoustic domes were used to catch sound during WW1 to detect troop movements.

From as early as 1620 the phrase “Walls have Ears” has been spoken or written in English indicating that conversation can easily be overheard.

During WWII the phrase was used very well in a campaign to discourage loose talk that could bring disastrous consequences to the war effort. It was targeted at civilians and service personnel alike in an effort to reduce gossip.

That was over 70 years ago, the thing is, have we learnt anything from this?

In today’s society and work place the advent of the electronic age in the 21st Century has made things easier for us humans to get on with our daily lives. We conduct our banking, ordering goods and services and communicating with our friends and colleagues online and over the telephone, whether it be mobile or landline. However, a number of us humans don’t take this kind of thing seriously enough to protect our information.

Ironically I had been to a cyber security conference in London and on the train back, two simple things happened within my eye and earshot.

  • A lady on the her mobile phone was obviously placing an order of some description, because I heard her name, account details, card expiry date and CVV code! Personally not something I would want anyone to hear, she had provided enough details for someone to note and potentially utilise for fraudulent use.
  • The gentleman sat next to me was using his laptop and was clearly working on a confidential document! Really, in a public place. I don’t think the business he worked for would want anyone outside of the business to see what he was working on.

Both individuals were clearly business people, you would think that security and awareness was part of there business structure, clearly if it was, they didn’t think about what they were doing, whether it was business or personal.

Today’s business environment does not just happen in the office, its mobile and people can actually see what you are doing outside of the office spaces, mobile devices make it easier to work on the go, meetings are common in public spaces, they happen in hotels, restaurants, cafes and many other venues.

People are curious and inquisitive things; me, I am a people watcher and it’s amazing what you can deduce from watching someone. Every business needs people, its one reason people should be top of the priorities list and included in the overall information security infrastructure.

Here in the UK, the government has endorsed a campaign for a basic Cyber Security standard in the SME and larger businesses as a precursor to some of the current international standards for security. This standard helps shape the way a business deals and secures information. Training is key to this and people trained in the work place can transfer that skill to their personal lives.

In answer to the original question, “do walls still have ears?” unfortunately yes they do, but they are more sophisticated and they are looking to take your information. Be the one to say no and make sure that you as an individual protect your information as best possible. If you are a business, make sure that your people are security aware, as they could be one of your lines of defence.

@BeAFirebrand my first course

Last week I was at Firebrand Training located at Wyboston Lakes in Bedfordshire, I had been contemplating a course with them for a while. I had heard about their attitude to training and the rumour that if you don't pass first time, they will allow you to resit the course for free. I knew a few people who had sat technical courses with them and they all said that you are immersed into your subject from dawn to dusk and I don't mean the winter hours dawn till dusk (short days).

So I had the opportunity through work and I applied for the Business Continuity Lead Implementer course. All I can say is that I never knew it was possible to squeeze a 4 day course in to two and half days and a three hour exam.

The course was excellent, it put everything that I had previously read about ISO22301 Business Continuity Management System in to complete perspective, The fact that we also had 4 different nationalities in the classroom also helped as there was varying degrees in knowledge of Business Continuity and Information Security; this really helped towards discussion during the hours locked in the classroom 🙂

The course includes the accommodation, three meals, snacks and drinks, so taking in to account these elements and the effectiveness of the course; the value is extraordinary over other courses where hotels and food are extra. The fact that the Firebrand Training centre is on the site of the hotel is also excellent, less than a hundred metre walk to the classroom.

I have been truely Firebranded, now all I need are the results from the exam (not Firebrand), my FireBrand T-Shirt and to book my next course.

More details about firebrand can be found here: