GCHQ Chief Wants A Big Effort To Improve British Cybersecurity

The head of GCHQ has made the case for a “genuinely national effort” to help improve the UK’s cyber security. Director Jeremy Fleming stressed the need for continued and increasing collaboration between government, academia and industry partners in the UK and abroad in a keynote speech last week.

He argued that the technological revolution brings with it “increasing complexity, uncertainty and risk”, telling an audience in Glasgow it brings “new and unprecedented challenges for policymakers as we seek to protect our citizens, judicial systems, businesses, and even societal norms”.

The director of the agency often referred to as Britain’s listening post was one of the main speakers at the CYBERUK 2019 conference at the Scottish Event Campus. He told an audience of 2,500 people from across the tech community about the need for new policies and new ways of thinking to complement existing approaches to dealing with cyber security threats.

The GCHQ chief also highlighted the impact of the Active Cyber Defence programme, saying that by last month the UK-hosted share of global phishing dropped below 2% for the first time, down from 5.4% in 2016. Also that year, HM Revenue & Customs (HMRC) was the 16th most phished brand globally, but today it is ranked 146th and accounts for less than 0.1% of all phishing emails.

“Our protective DNS system for the public sector blocked access 57.4 million times with malware such as Confiucker, malware from 2008, still running in public sector networks,” Mr Fleming said.

He encouraged businesses in all sectors to work with GCHQ to find new ways of incorporating these automated services, saying: “If enough do, the results could be truly transformational, a whole-of-nation, automated cyber defence system”.

He spoke about how National Cyber Security Centre (NCSC) analysts are now sharing time-critical, secret information with the private sector in a matter of seconds.  

“In the coming year, we will continue to scale this capability so, whether it’s indicators of a nation state cyber actor, details of malware used by cyber criminals or credit cards being sold on the dark web, we will declassify this information and get it back to those who can act on it.”

He made the case that improving the cyber security of the UK is only achievable if we “build a genuinely national effort, with more connections and deeper cooperation with the private sector and even closer working with our partners and allies”. 

“To make this a success, our strongest defence and most powerful weapon will be our ingenuity, our ability to imagine what has yet to be imagined. To see further into the future than anyone else.

“Our vision for the next stage of the UK’s cyber security strategy aims to do just that. The prize is great, a safer, more successful UK.”

ITV News

You Might Also Read: 

British Cyber Security Strategy Is ‘Chaotic’:

British Politicians Need To Better Understand Cyber Security:

 

« Authenticating Digital Evidence
Russia Plans To Monitor Internet Access »

Directory of Suppliers

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Tenable Network Security

Tenable Network Security

Tenable Network Security - Don't rely only on CVSS to prioritize. Use machine learning to predict what is most likely to be exploited.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Prosperon Networks

Prosperon Networks

Prosperon Networks support SMB to Enterprise networks through the provisioning of network monitoring software, customisation, consultancy and installation.

Vertical Structure

Vertical Structure

Vertical Structure services include Security & Penetration Testing, Information Assurance, Bespoke Training Programs and Secure Hosting.

SSLGuru

SSLGuru

SSLGURU provide tools and services to manage SSL certificates and to create higher level of online security.

Allen & Overy

Allen & Overy

Allen & Overy is an international law firm. Practice areas include Telecommunications, Media and Technology.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Vintegris

Vintegris

Víntegris designs, implements and manages information security infrastructures for Spain's leading financial institutions and large corporations.

PhishX

PhishX

PhishX is a SaaS platform for security awareness that simulates Cyberthreats, train people, while measure and analysis results, reducing Cybersecurity risks for People and Companies.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

National Center for Cyber Security Technology (NCCST)

National Center for Cyber Security Technology (NCCST)

NCCST provides cyber security protection and technical services at a national level in Taiwan.