fbpx
Connect with us

Tech

Covid-19 will loom over cyber strategy for years to come

Published

on

Covid-19 will loom over cyber strategy for years to come

In remarks delivered to a Chatham House conference, NCSC head Lindy Cameron reflects on the security challenges facing the UK, and sets out some plans for the future

Alex Scroxton

By

Published: 11 Oct 2021 16:04

The Covid-19 pandemic, the continuing threat posed by ransomware, the growth in supply chain attacks and the strategic technology challenge posed by hostile nation states are some of the biggest cyber security challenges facing the UK today, National Cyber Security Centre (NCSC) CEO Lindy Cameron has said.

In a keynote address to Chatham House’s annual Cyber 2021 conference, Cameron said the events of the past year illustrated both the diversity and significance of the cyber security threats facing UK plc today, and will continue to do so.

“The coronavirus pandemic continues to cast a significant shadow on cyber security and is likely to do so for many years to come,” she said. “Malicious actors continue to try to access Covid-related information, whether that is data on new variants or vaccine procurement plans.

“Some groups may also seek to use this information to undermine public trust in government responses to the pandemic. And criminals are now regularly using Covid-themed attacks as a way of scamming the public.”

Cameron added: “Ransomware presents the most immediate danger to UK businesses and most other organisations – from FTSE 100 companies to schools, from critical national infrastructure to local councils. Many organisations – but not enough – routinely plan and prepare for this threat and have confidence that their cyber security and contingency planning could withstand a major incident. But many have no incident response plans, or ever test their cyber defences.”

In a wide-ranging speech delivered just over a year into her tenure as boss of the NCSC, Cameron reflected on the events of the past year, including a spate of highly significant cyber attacks, many of which could have been stopped or substantially mitigated by following simple and actionable steps.

She also touched on the commercialisation and abuse of largely unregulated cyber exploitation products, in the first public comments made by a UK public official on the growing scandal surrounding the development of Pegasus, a sophisticated mobile spyware tool, by Israel-based NSO Group, and its subsequent abuse by government users to spy on activists, dissidents, journalists and political opponents.

“Those with lower capabilities are able to simply purchase techniques and tradecraft – and obviously those unregulated products can easily be put to use by those who don’t have a history of responsible use of these techniques,” she said. “We need to avoid a marketplace for vulnerabilities and exploits developing that makes us all less safe.”

Security by default

Cameron also looked ahead to the imminent publication of the UK’s new National Cyber Strategy, which is due to be launched before the end of 2021 and will give the NCSC a refreshed mandate to build and enhance the UK’s security, with tougher regulation in some areas, increased support in others, and better protection across the board for citizens, with government leading the way.

“Investing in government cyber security will also mean the public sector’s buying power will help ensure the market provides good, secure technology by default,” she said. “This will be essential to realise the benefits of the UK’s long-term transition to a fully digitised economy.”

Cameron said that technologies and developments designed to benefit society would continue to be exploited by malicious actors of all stripes, and stressed the importance of making technology secure by default.

“Last month, we published our plans to move away from our past, prescriptive approach to assuring technology – such as encryption products and routers – based on point-in-time certificates,” she said.

“In the future, we will take a principles-based approach to security functionality and put much more emphasis on proportionality and the engineering practices of the developer, rather than running through a check-list of criteria that need to be met. This approach will be repeatable, evidence-based and, crucially, scalable, to ensure it delivers a real national-level impact by creating a market that rewards those developers who invest in their security engineering.”

Cameron said that by obtaining a “position of defensive strength”, the UK could become better placed to disrupt and impose costs on malicious actors, using a wider range of tools and powers, and leaning on diplomatic connections, intelligence agencies, law enforcement and the new National Cyber Force to take a “more activist leadership role internationally” and shape the global cyber environment so as to, for example, avoid a repeat of the Huawei-5G debacle.

“This will require a more interventionist approach to technology, from semiconductors to AI, quantum computers to connected places,” she said. “We need to foster and protect competitive advantage in the technologies critical to cyber space and mitigate cyber risk at an earlier stage by ensuring security is designed into the digital economy of the future. And we need to do more to ensure that debates about technology and internet standards support our future security and prosperity.”

Read more on Security policy and user awareness

Go to Source

Click to comment

Leave a Reply

Tech

Pick up this RTX 3070 Alienware laptop at a staggering $530 off

Published

on

Pick up this RTX 3070 Alienware laptop at a staggering $530 off

Alienware M15 laptop

Dell

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.

Michael is a former graphic designer who’s been building and tweaking desktop computers for longer than he cares to admit. His interests include folk music, football, science fiction, and salsa verde, in no particular order.

Go to Source

Continue Reading

Tech

What to look for in a cheap Chromebook

Published

on

What to look for in a cheap Chromebook

Note: When you purchase something after clicking links in our articles, we may earn a small commission. Read our affiliate link policy for more details.

As PCWorld’s senior editor, Mark focuses on Microsoft news and chip technology, among other beats. He has formerly written for PCMag, BYTE, Slashdot, eWEEK, and ReadWrite.

Go to Source

Continue Reading

Tech

Arturia’s V Collection instruments now have native M1 Mac support

Published

on

Arturia’s V Collection instruments now have native M1 Mac support

It’s now that much easier to use Arturia’s softsynths on your brand new MacBook. Arturia has released a free V Collection 8.2 update that adds native support to the (currently discounted) suite for Macs with M1 processors. That should improve performance, as you might guess, but it could also help with battery life if you need to play unplugged.

Other speed updates are in store. The update boosts the performance of 4K interfaces through a new framework, and presets from the V Collection factory libraries now load up to twice as quickly. You’ll also find ODDSound MTS-ESP microtuning compatibility for the Clavinet V, DX7 V, Piano V and Stage-73 V.

This might be an important update if you use softsynths for music-making. Arturia has a reputation for virtual instruments that are both meticulous and relatively accessible. This both makes V Collection more viable on M1 Macs and gives you more incentive to rely on digital synths instead of hunting down their costlier real-world counterparts.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Go to Source

Continue Reading
Home | Latest News | Tech | Covid-19 will loom over cyber strategy for years to come
a

Market

Trending