NCSC Chief Reflects On Cyber Crime, China, Russia & Technology

Uploaded on 2020-09-08 in INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, FREE TO VIEW, INTELLIGENCE-Hot Spots-Russia

Ciaran Martin the CEO of the UK’s National Cyber Security Centre (NCSC), is to step down later in 2020 after almost seven years. 

The NCSC, which is part of GCHQ, is the UK’s lead authority on cyber security, overseeing the response to cyber-attacks and improving the cyber resilience of the UK’s national infrastructure. 

According to its own data, since 2016, the National Cyber Security Centre has dealt with over 2,000 major cyber security incidents. 

The NCSC now employs more than 1,000 and commands a budget in excess of £250m. It has dealt with well over 2,000 major cyber security incidents since it opened its doors in 2016, and has driven a more assertive cyber security policy on behalf of the government.

He said cyber-criminals were quick to exploit Covid-19, using it to persuade people to click on links or buy fake goods and that placed new demand on systems built to automate cyber-defences and spot spoof messages.

At the same time, the NCSC had to help government and public-sector organisations deal with the sudden increased dependence on technology, whether in the cabinet meeting over video link or the government sending out genuine text messages to the entire public.

But it was not just cyber crime groups who were on the move, foreign spies also began to go after new targets and protecting universities and researchers seeking a coronavirus vaccine became an urgent new priority. "Many of the people involved never thought they'd be in a case where they'd be talking to part of an intelligence service about resisting major nation state threats against their work," Mr Martin says.

In July, the UK, along with the US and Canada, accused Russian intelligence of trying to steal vaccine  research. The accusation, known as an "attribution", came because the NCSC could draw on GCHQ's long history monitoring Russian hackers. "We have built up significant knowledge of some of the major attack groups from the major nation states, including Russia, over more than two decades," Mr Martin says."For a lot of the things that we were seeing in the high end of vaccine protection, it was detected by us because it was the more sophisticated end, where the attacker is trying harder not to get caught."

Mr Martin says the NCSC has not seen the need to issue specific guidance about Chinese company TikTok, however, which the Trump administration claims is a threat to US national security. "The amount of personal data it collects, people need to be aware of," he says, but "it is slightly less than some of the others". While China has risen up the agenda, Russia has been the more constant concern for the NCSC.

Russia was accused of interfering in the 2019 British general election by hacking and leaking trade documents. "It shows that there is an ongoing threat to democratic processes," according to Mr Martin. "It is not the case in my judgement that there has been sustained high-quality effective disruption of UK politics by the Russians."

Martin defends the intelligence services against the accusation in the recent "Russia report" they have not focused enough on the threat from Moscow. But he also says it should not be the job of spy agencies to regulate political debate. "No-one wants to live in a country where the likes of parts of GCHQ or MI5 are in charge of verifying political information in the midst of an election," he says.

Martin leaves the civil service after 23 years, for a position at Oxford University.where he will be appointed as a Professor of Practice in Public Management, based at the Blavatnik School of Government.

The National Cyber Security Centre (NCSC) has announced that Lindy Cameron is to become its new chief executive from October. Her role will include overseeing the organisation’s response to hundreds of cyber incidents each year, improving the cyber resilience of the UK’s critical national infrastructure, identifying the risks and opportunities for the UK in emerging technologies and leading the NCSC’s ongoing response to the coronavirus pandemic.

NCSC:         BBC:         Evening Express:    Computer Weekly:     New Statesman

You Might Also Read:

Britain's National Cyber Security Strategy Beyond 2021:

 

« Fixing Britain's Digital Skills Gap
How Did Belarus Shut Down The Internet ? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Indium Software

Indium Software

Indium Software is an Independent Software Testing Company offering software testing services (including security testing) and offshore Quality Assurance solutions.

Verimatrix

Verimatrix

Verimatrix is a global provider of innovative cybersecurity solutions that protect content, devices, software and applications.

Openminded (OPMD)

Openminded (OPMD)

Openminded is a French security and network services company.

CSI

CSI

CSI is a Managed Service Provider (MSP) delivering Hybrid Multi-Cloud, Data Protection, and Cyber Security solutions to highly regulated industries.

CultureAI

CultureAI

CultureAI deliver intelligent cyber security awareness education and tools that build resilient security cultures where employees help defend.

TechBeacon

TechBeacon

TechBeacon.com is a digital hub by and for software engineering, IT and security professionals sharing practical and passionate guidance to real-world challenges.

HOBI International

HOBI International

HOBI International is a leading mobile, IT and data center asset management provider with solutions for device management, reverse logistics, data erasure, refurbishment and recycling.

Swarmnetics

Swarmnetics

Swarmnetics helps customers discover hard-to-find software vulnerabilities by hacking your system before the bad guys do.

SterlingRisk Programs

SterlingRisk Programs

SterlingRisk’s Cyber practice brings experience working with a wide array of clients across a broad spectrum of industries.

Cado Security

Cado Security

Cado Security is pushing digital forensics, and cyber incident response to the next level with an incident response software platform and specialist consulting services.

AutoSec

AutoSec

AutoSec supports the FFI program Electronics, Software and Communication by dissemination and exploitation of the results of projects related to automotive cybersecurity.

Seedcamp

Seedcamp

Seedcamp identify and invest early in world-class founders attacking large and global markets through disruptive technology in areas including AI, cybersecurity, and Fintech.

FTx Identity

FTx Identity

FTx Identity is the world's most advanced age verification technology (AVT) and identity management system.

EPIQ Infotech

EPIQ Infotech

EPIQ Infotech is a trusted consulting and implementation partner for Oracle JD Edwards and Amazon Web Services (AWS).

Superna

Superna

Superna is the global leader in data security and cyberstorage solutions for unstructured data, both on-prem and in the hybrid multi-cloud.

Teal

Teal

Teal provides exceptional managed IT solutions for small- to medium-sized organizations that value real partnerships and elevated security.