NCSC Chief Reflects On Cyber Crime, China, Russia & Technology

Uploaded on 2020-09-08 in INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-Russia

Ciaran Martin the CEO of the UK’s National Cyber Security Centre (NCSC), is to step down later in 2020 after almost seven years. 

The NCSC, which is part of GCHQ, is the UK’s lead authority on cyber security, overseeing the response to cyber-attacks and improving the cyber resilience of the UK’s national infrastructure. 

According to its own data, since 2016, the National Cyber Security Centre has dealt with over 2,000 major cyber security incidents. 

The NCSC now employs more than 1,000 and commands a budget in excess of £250m. It has dealt with well over 2,000 major cyber security incidents since it opened its doors in 2016, and has driven a more assertive cyber security policy on behalf of the government.

He said cyber-criminals were quick to exploit Covid-19, using it to persuade people to click on links or buy fake goods and that placed new demand on systems built to automate cyber-defences and spot spoof messages.

At the same time, the NCSC had to help government and public-sector organisations deal with the sudden increased dependence on technology, whether in the cabinet meeting over video link or the government sending out genuine text messages to the entire public.

But it was not just cyber crime groups who were on the move, foreign spies also began to go after new targets and protecting universities and researchers seeking a coronavirus vaccine became an urgent new priority. "Many of the people involved never thought they'd be in a case where they'd be talking to part of an intelligence service about resisting major nation state threats against their work," Mr Martin says.

In July, the UK, along with the US and Canada, accused Russian intelligence of trying to steal vaccine  research. The accusation, known as an "attribution", came because the NCSC could draw on GCHQ's long history monitoring Russian hackers. "We have built up significant knowledge of some of the major attack groups from the major nation states, including Russia, over more than two decades," Mr Martin says."For a lot of the things that we were seeing in the high end of vaccine protection, it was detected by us because it was the more sophisticated end, where the attacker is trying harder not to get caught."

Mr Martin says the NCSC has not seen the need to issue specific guidance about Chinese company TikTok, however, which the Trump administration claims is a threat to US national security. "The amount of personal data it collects, people need to be aware of," he says, but "it is slightly less than some of the others". While China has risen up the agenda, Russia has been the more constant concern for the NCSC.

Russia was accused of interfering in the 2019 British general election by hacking and leaking trade documents. "It shows that there is an ongoing threat to democratic processes," according to Mr Martin. "It is not the case in my judgement that there has been sustained high-quality effective disruption of UK politics by the Russians."

Martin defends the intelligence services against the accusation in the recent "Russia report" they have not focused enough on the threat from Moscow. But he also says it should not be the job of spy agencies to regulate political debate. "No-one wants to live in a country where the likes of parts of GCHQ or MI5 are in charge of verifying political information in the midst of an election," he says.

Martin leaves the civil service after 23 years, for a position at Oxford University.where he will be appointed as a Professor of Practice in Public Management, based at the Blavatnik School of Government.

The National Cyber Security Centre (NCSC) has announced that Lindy Cameron is to become its new chief executive from October. Her role will include overseeing the organisation’s response to hundreds of cyber incidents each year, improving the cyber resilience of the UK’s critical national infrastructure, identifying the risks and opportunities for the UK in emerging technologies and leading the NCSC’s ongoing response to the coronavirus pandemic.

NCSC:         BBC:         Evening Express:    Computer Weekly:     New Statesman

You Might Also Read:

Britain's National Cyber Security Strategy Beyond 2021:

 

« Fixing Britain's Digital Skills Gap
How Did Belarus Shut Down The Internet ? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Oxygen Forensics

Oxygen Forensics

Oxygen Forensics offer the most advanced forensic data examination tools for mobile devices and cloud services.

CANVAS Consortium

CANVAS Consortium

The CANVAS Consortium aims to unify technology developers with legal and ethical scholar and social scientists to approach the challenges of cybersecurity.

IDnext

IDnext

IDnext is the open and independent platform to support innovative approaches in the world of the Digital identity.

AppSec Labs

AppSec Labs

AppSec Labs specialise in application security. Our mission is to raise awareness in the software development world to the importance of integrating software security across the development lifecycle.

Raz-Lee Security

Raz-Lee Security

Raz-Lee Security is the leading security solution provider for IBM Power i, otherwise known as iSeries or AS/400 servers.

ThreatSpike Labs

ThreatSpike Labs

ThreatSpike Labs provides the first end-to-end fully managed security service for companies of all sizes.

Hypersecu Information Systems

Hypersecu Information Systems

Hypersecu Information Systems, Inc. is a solution provider dedicated to multi-factor authentication, public key infrastructure and software copyright protection.

Langner

Langner

Langner is a software and consulting firm specialized in cyber security for critical infrastructure and large-scale manufacturing.

Packetlabs

Packetlabs

Packetlabs specializes in penetration testing services and application security.

Navisite

Navisite

Navisite is a combination of eight respected IT consulting and managed service providers that were brought together under the Navisite brand.

Acora

Acora

Acora provide a range of best-in-class managed services, Microsoft-centric business software, and cloud solutions designed to help mid-market organisations succeed in the digital economy.

Papua New Guinea National Cyber Security Centre (PNG NCSC)

Papua New Guinea National Cyber Security Centre (PNG NCSC)

PNG NCSC is a jointly funded initiative enabling PNG to benefit with the most advanced cyber protection of its critical information and communications technology infrastructure.

Professional Labs

Professional Labs

Professional Labs specialize in simplifying complex problems for our customers with Cloud Services, Managed Services and Cyber Security.

Security Awareness Special Interest Group (SASIG)

Security Awareness Special Interest Group (SASIG)

The Security Awareness Special Interest Group (SASIG) addresses the human aspects of security and fraud prevention in an initiative to improve trust and confidence in the online environment.

Lakera

Lakera

Lakera empowers developers and organizations to build GenAI applications without worrying about AI security risks.

Vambrace Cybersecurity

Vambrace Cybersecurity

Vambrace is an experienced cybersecurity consultancy and operations outsourcer helping you to secure your business in an increasingly-hostile cyber environment.