NCSC Chief Reflects On Cyber Crime, China, Russia & Technology

Uploaded on 2020-09-08 in INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-Russia

Ciaran Martin the CEO of the UK’s National Cyber Security Centre (NCSC), is to step down later in 2020 after almost seven years. 

The NCSC, which is part of GCHQ, is the UK’s lead authority on cyber security, overseeing the response to cyber-attacks and improving the cyber resilience of the UK’s national infrastructure. 

According to its own data, since 2016, the National Cyber Security Centre has dealt with over 2,000 major cyber security incidents. 

The NCSC now employs more than 1,000 and commands a budget in excess of £250m. It has dealt with well over 2,000 major cyber security incidents since it opened its doors in 2016, and has driven a more assertive cyber security policy on behalf of the government.

He said cyber-criminals were quick to exploit Covid-19, using it to persuade people to click on links or buy fake goods and that placed new demand on systems built to automate cyber-defences and spot spoof messages.

At the same time, the NCSC had to help government and public-sector organisations deal with the sudden increased dependence on technology, whether in the cabinet meeting over video link or the government sending out genuine text messages to the entire public.

But it was not just cyber crime groups who were on the move, foreign spies also began to go after new targets and protecting universities and researchers seeking a coronavirus vaccine became an urgent new priority. "Many of the people involved never thought they'd be in a case where they'd be talking to part of an intelligence service about resisting major nation state threats against their work," Mr Martin says.

In July, the UK, along with the US and Canada, accused Russian intelligence of trying to steal vaccine  research. The accusation, known as an "attribution", came because the NCSC could draw on GCHQ's long history monitoring Russian hackers. "We have built up significant knowledge of some of the major attack groups from the major nation states, including Russia, over more than two decades," Mr Martin says."For a lot of the things that we were seeing in the high end of vaccine protection, it was detected by us because it was the more sophisticated end, where the attacker is trying harder not to get caught."

Mr Martin says the NCSC has not seen the need to issue specific guidance about Chinese company TikTok, however, which the Trump administration claims is a threat to US national security. "The amount of personal data it collects, people need to be aware of," he says, but "it is slightly less than some of the others". While China has risen up the agenda, Russia has been the more constant concern for the NCSC.

Russia was accused of interfering in the 2019 British general election by hacking and leaking trade documents. "It shows that there is an ongoing threat to democratic processes," according to Mr Martin. "It is not the case in my judgement that there has been sustained high-quality effective disruption of UK politics by the Russians."

Martin defends the intelligence services against the accusation in the recent "Russia report" they have not focused enough on the threat from Moscow. But he also says it should not be the job of spy agencies to regulate political debate. "No-one wants to live in a country where the likes of parts of GCHQ or MI5 are in charge of verifying political information in the midst of an election," he says.

Martin leaves the civil service after 23 years, for a position at Oxford University.where he will be appointed as a Professor of Practice in Public Management, based at the Blavatnik School of Government.

The National Cyber Security Centre (NCSC) has announced that Lindy Cameron is to become its new chief executive from October. Her role will include overseeing the organisation’s response to hundreds of cyber incidents each year, improving the cyber resilience of the UK’s critical national infrastructure, identifying the risks and opportunities for the UK in emerging technologies and leading the NCSC’s ongoing response to the coronavirus pandemic.

NCSC:         BBC:         Evening Express:    Computer Weekly:     New Statesman

You Might Also Read:

Britain's National Cyber Security Strategy Beyond 2021:

 

« Fixing Britain's Digital Skills Gap
How Did Belarus Shut Down The Internet ? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ACME Communications

ACME Communications

ACME Communications specialises in the field of data centre, implementation, maintenance & operation and all aspects of other IT service.

Security Research Labs (SRLabs)

Security Research Labs (SRLabs)

Security Research Labs is a Berlin-based hacking research collective and consulting think tank.

PerimeterX

PerimeterX

PerimeterX is the leading provider of solutions that secure digital businesses against automated fraud and client-side attacks.

Araxxe

Araxxe

Araxxe delivers Revenue Assurance, End-to-End Billing Verification and Interconnect Fraud Detection solutions to communication companies worldwide.

Montreal International

Montreal International

You’re an entrepreneur planning to launch a company in an innovative sector such as AI, cybersecurity, 'deeptech' or fintech? You’ve found the right place!

BTblock

BTblock

Blockchain and cybersecurity is a vital combination for Enterprise success. BTblock is a Force Multiplier for its clients.

Polymer Solutions

Polymer Solutions

Polymer is a Data Governance & Privacy Platform for third party SaaS apps. A modern Data Loss Protection (DLP) approach to remove sensitive data exposure on collaboration tools in real-time.

CoursesOnline

CoursesOnline

CoursesOnline.co.uk is a database listing IT security courses from providers across the UK.

Campus cyber

Campus cyber

A project initiated by the President of the Republic, the Cyber Campus is the totem site of cybersecurity that brings together the main national and international players in the field.

Mobb

Mobb

Mobb's AI-powered technology automates vulnerability remediations to significantly reduce security backlogs and free developers to focus on innovation.

Centric Consulting

Centric Consulting

Centric Consulting is an international management consulting firm with unmatched expertise in business transformation, AI strategy, cyber risk management, technology implementation and adoption. 

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

Argantic

Argantic

Argantic aims to help organisations thrive and reach their full potential in a modern cloud-centric era.

Syteca

Syteca

Syteca is specifically designed to secure organizations against threats caused by insiders. It provides full visibility and control over internal risks.

Blind Insight

Blind Insight

Field-level searchable encryption plus fine-grained programmable access controls. All wrapped neatly in developer-friendly APIs and SDKs. Data protection perfection.

CPX

CPX

At CPX, we go beyond addressing today’s security risks—we anticipate the challenges of tomorrow.