Episode 50: History of cyber

This series was created with Joe Rose, a Senior Product Manager and Senior Security Architect, bringing practical, real-world security insight.

History of cyber security and why it matters today

Cyber security has become a huge topic, and the word itself is often overused. In this episode, the conversation explores where cyber security came from, how it has evolved, and why it has become critical for every organisation. The aim is to break the topic down into something practical and understandable, especially for those working in technology procurement.

For a broader view of how cyber security applies today, start with our introduction to cyber security.

How cyber security started

In the early days of IT, most systems were not connected to the internet. Offices used internally developed software, green screen systems, and coaxial Ethernet networks. Data lived on local servers, often locked away with nothing more than a single key.

Security needs were simple. Antivirus software and a firewall were usually all that was required. The only external connections were basic email or voicemail systems. Because everything lived inside a building owned and controlled by the organisation, the risks were low.

The rise of connectivity and new risks

The introduction of web browsers in the mid-1990s marked a turning point. As soon as businesses became connected to the wider internet, they also became exposed to external threats. This was the beginning of the cyber security industry as we know it.

Traditional antivirus systems relied on signatures to detect known threats, but as attackers became more sophisticated, new methods were needed. Ransomware, retail breaches, and cloud-based attacks highlighted weaknesses in both infrastructure and behaviour.

This led to the rise of behavioural antivirus tools such as endpoint detection and response (EDR). Instead of just scanning for known virus signatures, these tools monitor how processes behave. If something looks suspicious, the system can isolate the device and limit the spread.

Layers of protection in modern cyber security

Modern cyber security follows a layered approach:

1. Prevent attackers from getting in

2. Limit damage if they do get in

3. Detect unusual behaviour as early as possible

For critical national infrastructure, this often includes segmenting networks into isolated areas so that a breach in one part does not compromise everything. Firewalls, routers, and other perimeter devices also monitor for patterns that indicate malicious activity.

The growing challenge for businesses and procurement teams

Cyber attacks have increased in complexity and consequence. As seen in recent high-profile breaches, the financial and operational impact can be severe.

For procurement professionals, this creates a clear challenge. Most will not have deep technical knowledge, so their role becomes about:

• Understanding and quantifying risk

• Working with specialists to identify appropriate tools

• Building a business case that balances effectiveness and value

• Ensuring solutions meet regulatory expectations

Regulators have tightened requirements over the years, often setting high-level rules that require interpretation. This makes alignment between technical teams and procurement even more important.

Cyber security today

From the basic tools of the 1980s and 1990s to the highly interconnected environment of today, cyber security has evolved at pace. Attackers have evolved just as quickly, making protection more complex and more business-critical than ever.

Future conversations will explore the different types of risks organisations need to protect against, and the practical steps businesses can take to reduce them.

Looking to strengthen your cyber-related procurement decisions? Get in touch.

Continue exploring cyber security

• Key subcategories within cyber security

• Different services within the cyber supply chain

• Key vendors in cyber

• Summary of cyber