Businesses in all sectors should work with the authorities to find new ways of incorporating automated services, such as ‘Active Cyber Defence’. And if enough do, the results could be truly transformational – a whole-of-nation, automated cyber defence system, said GCHQ Director Jeremy Fleming. He was the keynote speaker at the National Cyber Security Centre (NCSC) annual event, CYBERUK 2019, in Glasgow.
He said: “Our incident management team has worked on more than 1,500 significant cyber security incidents. And using automation, it has reduced the harm from thousands of attacks a month. And it has played a major role in dealing with the strategic threats we face from hostile states.”
He said that the NCSC intends to do more to take the burden of cyber security away from the individual. “In particular, we will work closely with device manufacturers and online platform providers to build security into their products and services at the design stage. We will work with ISPs to enhance the security of internet-connected devices in the home. And we will share intelligence with banks to enable them to alert customers close to real time.”
Looking to the future, he saw ‘potential to bake in cyber security as new systems are brought in to replace ageing legacy systems. Once again, security by design must be our aim’.
As for regulation of cyber security – in particular the NIS Directive that covers network and information systems of essential services such as utilities, he said ‘we also need to be open to a debate about what further legislation or regulation might be required to ensure cyber standards right across the CNI [critical national infrastructure]’.
For the speech in full visit the GCHQ website.
