NCSC Chief Reflects On Cyber Crime, China, Russia & Technology

Uploaded on 2020-09-08 in INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-Russia

Ciaran Martin the CEO of the UK’s National Cyber Security Centre (NCSC), is to step down later in 2020 after almost seven years. 

The NCSC, which is part of GCHQ, is the UK’s lead authority on cyber security, overseeing the response to cyber-attacks and improving the cyber resilience of the UK’s national infrastructure. 

According to its own data, since 2016, the National Cyber Security Centre has dealt with over 2,000 major cyber security incidents. 

The NCSC now employs more than 1,000 and commands a budget in excess of £250m. It has dealt with well over 2,000 major cyber security incidents since it opened its doors in 2016, and has driven a more assertive cyber security policy on behalf of the government.

He said cyber-criminals were quick to exploit Covid-19, using it to persuade people to click on links or buy fake goods and that placed new demand on systems built to automate cyber-defences and spot spoof messages.

At the same time, the NCSC had to help government and public-sector organisations deal with the sudden increased dependence on technology, whether in the cabinet meeting over video link or the government sending out genuine text messages to the entire public.

But it was not just cyber crime groups who were on the move, foreign spies also began to go after new targets and protecting universities and researchers seeking a coronavirus vaccine became an urgent new priority. "Many of the people involved never thought they'd be in a case where they'd be talking to part of an intelligence service about resisting major nation state threats against their work," Mr Martin says.

In July, the UK, along with the US and Canada, accused Russian intelligence of trying to steal vaccine  research. The accusation, known as an "attribution", came because the NCSC could draw on GCHQ's long history monitoring Russian hackers. "We have built up significant knowledge of some of the major attack groups from the major nation states, including Russia, over more than two decades," Mr Martin says."For a lot of the things that we were seeing in the high end of vaccine protection, it was detected by us because it was the more sophisticated end, where the attacker is trying harder not to get caught."

Mr Martin says the NCSC has not seen the need to issue specific guidance about Chinese company TikTok, however, which the Trump administration claims is a threat to US national security. "The amount of personal data it collects, people need to be aware of," he says, but "it is slightly less than some of the others". While China has risen up the agenda, Russia has been the more constant concern for the NCSC.

Russia was accused of interfering in the 2019 British general election by hacking and leaking trade documents. "It shows that there is an ongoing threat to democratic processes," according to Mr Martin. "It is not the case in my judgement that there has been sustained high-quality effective disruption of UK politics by the Russians."

Martin defends the intelligence services against the accusation in the recent "Russia report" they have not focused enough on the threat from Moscow. But he also says it should not be the job of spy agencies to regulate political debate. "No-one wants to live in a country where the likes of parts of GCHQ or MI5 are in charge of verifying political information in the midst of an election," he says.

Martin leaves the civil service after 23 years, for a position at Oxford University.where he will be appointed as a Professor of Practice in Public Management, based at the Blavatnik School of Government.

The National Cyber Security Centre (NCSC) has announced that Lindy Cameron is to become its new chief executive from October. Her role will include overseeing the organisation’s response to hundreds of cyber incidents each year, improving the cyber resilience of the UK’s critical national infrastructure, identifying the risks and opportunities for the UK in emerging technologies and leading the NCSC’s ongoing response to the coronavirus pandemic.

NCSC:         BBC:         Evening Express:    Computer Weekly:     New Statesman

You Might Also Read:

Britain's National Cyber Security Strategy Beyond 2021:

 

« Fixing Britain's Digital Skills Gap
How Did Belarus Shut Down The Internet ? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Stratogent

Stratogent

Stratogent does IT and Cybersecurity operations. We specialize in high-touch and high-change IT environments, especially in the biotech and pharma industry verticals.

Alan Turing Institute

Alan Turing Institute

Alan Turing Institute is the UK national institute for data science. A major focus is Big Data analysis with applications including cyber security.

International Computer Science Institute (ICSI)

International Computer Science Institute (ICSI)

ICSI is a leading independent, nonprofit center for research in computer science. Research areas include network security and privacy.

Oak Ridge National Laboratory (ORNL)

Oak Ridge National Laboratory (ORNL)

ORNL conducts basic and applied research and development in key areas of science for energy, advanced materials, supercomputing and national security including cybersecurity.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

Rigado

Rigado

Rigado's mission is to enable commercial IoT success by providing high-performance secure and scalable wireless edge connectivity and network infrastructure.

Cysiv

Cysiv

Cysiv SOC-as-a-Service combines all the elements of an advanced, proactive, threat hunting SOC, with a managed security stack for hybrid cloud, network, and endpoint security.

DoQubiz Technology

DoQubiz Technology

DoQubiz is using the idea of security through obscurity to develop their proprietary Fractal Security Engine that implements a highly resilient data protection protocol.

PCS Security (PCSS)

PCS Security (PCSS)

PCS Security provides secure, reliable and state-of-the-art security solutions to help our customers address their security concerns.

Nagios

Nagios

Nagios is a powerful tool that provides you with instant awareness of your organization’s mission-critical IT infrastructure.

Ciphertex Data Security

Ciphertex Data Security

Ciphertex is a leading data security company that specializes in portable data encryption and privacy protection storage systems.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.

Deutsche Gesellschaft für Cybersicherheit (DGC)

Deutsche Gesellschaft für Cybersicherheit (DGC)

As a leading provider of cyber security, DGC supports companies in taking advantage of the opportunities offered by the digital transformation – and in minimizing the associated risks.

CryptoDATA

CryptoDATA

CryptoDATA develops products and services based on Blockchain technology, that ensure user security and data encryption, applicable in various fields.

OpsHelm

OpsHelm

OpsHelm provides a Software-as-a-Service solution to help businesses ensure that all of their cloud environments have their security bases covered.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.