UK’s national cyber security unit working on automated defenses

September 13, 2016

The CEO of the UK’s new National Cyber Security Centre wants industry and government to work more closely together to combat cyber crime.

Giving his first public speech as CEO of the NCSC, at the Billington Cyber Security Summit in Washington today, Ciaran Martin warned that far too many unsophisticated cyber attacks are succeeding, going on to discuss the government’s new more pro-active cyber security strategy — including looking into large scale DNS filtering as a potential method to automate blocking malware at scale.

“The great majority of cyber attacks are not terribly sophisticated. They can be defended against. And if they get through their impact can be contained. But far too many of these basic attacks are getting through. And they are doing a lot of damage,” he said.

And while he praised the efforts of the security industry to tackle cyber crime to date, he said the fact so many basic attacks are prevailing points to a systemic problem with the private sector’s approach — arguing there’s therefore a need for government to take a lead.

“Something is not quite working yet in the marketplace in terms of cyber security,” said Martin. “There are great companies, great people, there’s great innovation, and barriers to information sharing are being broken down. But given the record of the past few years it’s hard to say that we’ve got ahead of the threat.

“If we’re to maintain confidence in the digital economy, we’ve got to tackle this end of the problem,” he continued. “I believe there’s a legitimate role for the Government in taking a lead… at least temporarily. This is the thinking behind our strategy.”

The UK government named cyber security a priority area, back in November 2015, announcing a plan to nearly double spending, to £1.9 billion by 2020, including funding the setting up of the NCSC, which reports into spy agency GCHQ and is due to formally open its doors this fall.

Martin described how the UK is taking a three-pronged approach with its cyber security strategy, beginning with what he dubbed the “organisational coherence” of establishing a central hub in the form of the NCSC.

Next he said it’s prioritizing the defending of “the most serious threats” — such as cyber attacks on national infrastructure. (On the most serious cyber attacks side, he confirmed the UK has not yet faced “a single stand-out incident of hostile foreign cyber attack” but said he’s expecting one, adding: “Last year we detected twice as many national security level cyber incidents – 200 per month – than the year before.”)

The third plank of the strategy is focused on improving the digital security ecosystem as a means to tackle the “unsophisticated, prolific threats” that he warned post a threat to consumer trust in the digital economy. This includes the government seeking to foster and even directly invest in relevant security startups.

Read full story…