Protecting Digital Infrastructure Without Going Broke

Uploaded on 2025-03-13 in TECHNOLOGY--Resilience, GOVERNMENT-National, FREE TO VIEW

With the head of GCHQ using his first major speech at the NCSC’s Eighth Annual Review to emphasise the need for sustained vigilance in an increasingly aggressive online world, the scale of the challenge facing the nation’s security and defence industry has been laid bare.

Describing the cyber risks facing the nation as ‘widely underestimated’ and warning that Britain and its allies are competing in a high-stakes contest for cyberspace, Richard Horne focussed on what he called ‘a widening gap’ between the country’s exposure to threats and the defences that are in place to protect us. 

So what are the risks facing our nation and what can be done to guard the UK’s growing dependency on technology against adversaries who seek to use it against us or exploit it for criminal gain?

Barely a week goes by without headlines about cyber incidents impacting the country’s public infrastructure. One increasingly popular target seems to be the NHS, whose sprawling and sometimes outdated IT systems makes it particularly vulnerable to attack. While sensitive patient, employee and commercial data held on its systems could be of interest to bad actors, the sheer disruption these attacks cause - from cancelled surgical procedures and outpatient appointments to the inability to access patient records - means pressure ramps up quickly to get systems back online, making it a particularly attractive target for ransomware attacks. 

It is a problem that has grown to such an extent that the Government recently announced plans to ban all UK public bodies - including the NHS - from making ransomware payments, as part of wider efforts to stem this increasingly important revenue stream for criminal gangs and pariah states. 

Elsewhere, of more than 430 incidents handled by the National Centre for Cyber Security’s incident management team last year, 347 involved some level of data exfiltration, highlighting the growing value of sensitive data to bad actors around the world.

So, with cost pressures growing across Government departments, what can the nation do to rise to the challenge and better protect our sensitive data, critical infrastructure and national security?

Current methods for data storage and management in both defence and wider commercial sectors are essentially the same: Data is typically stored in a contiguous format, then ‘protected’ by encryption to ‘keep it safe’. The physical infrastructure of servers, data centres and even cloud computing that supports this arrangement are centralised and static while, in a defence context, hierarchical systems of data protection and classifications drive additional hardware and software requirements.

Each layer adds complexity and costs to the process, while increasing risk by expanding the available attack surfaces. It is an approach that creates four key issues:

  • Firstly, it concentrates risk in data centres, which are now included in critical national infrastructure, and carrier networks that can become prime targets at times of international confrontation or conflict. This risk escalates proportionally the greater the volume of data that is stored, so will only become a bigger and more-costly to manage as time goes by.
  • Secondly, the imminent arrival of quantum computing means many existing encryption techniques will become easy to break, leaving vast swathes of sensitive data vulnerable.
  • Thirdly, as ‘hub-and-spoke’ approach to systems architecture, it creates bottle necks that impede the effective flow of data between those authorised to do so. The UK’s defence forces are increasingly integrated but current approaches are highly-reliant on information flowing between departments, which needs to be managed quickly and securely.
  • Finally, at a time when pressures on public budgets are at an all-time high, existing infrastructure set ups drive significant cost. Expenses associated with maintaining data centres, virtual private networks (which themselves have become part of the attack surface), encryption licenses and so on are expected to rise to represent some 10-20% of MOD IT spending over the short-to-medium term - an expensive state of affairs.

In short, our current, centralised data storage and encryption methods represent a national risk when placed in the context of growing complexity and volumes of data that need to be secure, accessible and exploitable. 

There has to be a better way. And there is… data disaggregation. 

This approach breaks down data into smaller fragments that are then stored across multiple platforms, rather than being held in one place on centralised servers and physical storage systems. It is a paradigm shift that could not only improve the security of our critical systems but also allow public bodies to unlock commercial cloud infrastructure for national projects; delivering significant budget savings compared to existing infrastructure, which could then be redirected into other priorities.

The benefits of this approach are many:  Crucially, it becomes virtually impossible for attackers to reconstruct sensitive data should even a partial breach of this desegregated system occur; The technology is future proofed against both quantum computing and the power of AI attack tools that can break traditional encryption techniques; Data can move more freely between parties with appropriate access permissions, improving decision making and data flow - this offers a valuable, UK-developed solution that could be implemented more widely with NATO and Five Eyes allies, to name just one example. Finally, it also offers significant cost reductions that will only snowball as the scale of data storage grows.

Prizsm Technologies’ patent-pending platform has already been tested by the MOD and was the first innovation technology to pass the MOD’s Bug Bounty programme. By breaking down data into atomic bit-level fragments (rather than shards/fragments) that are stored non-sequentially across multiple cloud platforms, it significantly enhances security - even against quantum attacks.

It is even expected to offer savings of greater than 50% versus traditional, centralised data storage, over time. 

We live in an information age, with a Government committed to digital transformation across a range of critical services. Adopting data disaggregation for the country’s data storage needs would not only future proof critical data infrastructure, but would also entrench the UK’s position as a global pacesetter when it comes to developing effective defences.

A modern, data-driven age requires modern, data-storage infrastructures that protect the interests of our citizens, nations and allies - infrastructure that can be set-up alongside existing systems to smooth the transition period but which can also adapt quickly to fast-evolving use cases and digital threats.

That technology already exists. Now is the time to use it.  

Adrian Fern is Chief Technology Officer at Prizsm Tehnolgies

Image: Alex Shuper

You Might Also Read: 

Securing National Communications Infrastructure

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Israel’s Emergency Medical Service Attacked
Continuous Cybersecurity Learning Is Business-Critical »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Trusted Computing Group

Trusted Computing Group

TCG was formed to develop, define and promote open, vendor-neutral, global industry standards, supportive of a hardware-based root of trust, for interoperable trusted computing platforms.

Celestya

Celestya

Celestya is dedicated to providing the most advanced and cost effective systems for human behavior education on cybersecurity awareness training.

Malware Patrol

Malware Patrol

Malware Patrol provides intelligent threat data that protects against cyber attacks.

InfoGuard

InfoGuard

InfoGuard is a leading Swiss company providing comprehensive cyber security and network solutions.

Halon

Halon

Halon is a flexible security and operations platform for in-transit email.

Viscount Systems

Viscount Systems

Viscount Systems is a global security software solutions company that is changing the way access control is deployed and managed in the enterprise.

Cybersecurity Competence Center (C3)

Cybersecurity Competence Center (C3)

The Cybersecurity Competence Center was created to further strengthen the Luxembourg economy in the field of cybersecurity.

Worldline

Worldline

Worldline IIoT solutions allow industrial companies to start their digital transformation journey with industrial level cyber security standards (IEC 62443 ready).

Check Point SASE

Check Point SASE

Check Point SASE (formerly Perimeter 81) is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

CyberSaint Security

CyberSaint Security

CyberSaint’s CyberStrong Platform empowers organizations to implement automated, intelligent cybersecurity compliance and risk management.

Consensys

Consensys

ConsenSys is a global blockchain company. We develop enterprise applications, invest in startups, build developer tools, and offer blockchain education.

Sentor Managed Security Services

Sentor Managed Security Services

Sentor Managed Security Services is a cybersecurity company that enables organizations to exist in a digitally connected world.

Securolytics

Securolytics

Securolytics offers the simplest, most complete and affordable IoT security for all organizations. Securolytics quickly identifies unmanaged devices to reduce security and compliance risks.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alkira

Alkira

Alkira has reinvented networking for the cloud era by delivering the network cloud, the first global unified network infrastructure with on-demand hybrid and multi-cloud connectivity.