James Tee and myself recently attended CYBERUK, held for the first time in the vibrant city of Belfast and coinciding with the historic 25th anniversary of the Good Friday Agreement.
CYBERUK is the UK’s flagship cyber security event run by the National Cyber Security Centre (NCSC) and is a chance for cyber professionals to gain an insight to the challenges and future threats the UK face. With guests from across the globe, representing governments and industry leaders, speaking on securing an open and resilient digital future, it was an exciting few days.
The event, held at the International Conference Centre (ICC) Belfast, examined how today’s cyber ecosystem – a sector worth £10 billion to the UK economy – is able to strengthen, join together, and innovate in order to resist the threats, be ready for opportunities, and keep the UK the safest place to live and work online.
The programme was packed with four main ‘Streams’ covering a broad range of technical and non-technical areas:
- Stream A – Strong ecosystem; resilient society
- Stream B – Threats, risks, and vulnerabilities
- Stream C – Securing foundations for technology advantage
- Stream D – Interactive workshops
The event kicked-off with an informal welcome drinks reception at St George’s market and was a chance to network with peers, meet sponsors, catch-up with friends, and hear from industry figures, all while enjoying drinks, local food, and entertainment.
The following day, Lindy Cameron, CEO of NCSC welcomed delegates, this was followed by a ministerial address from The Rt Hon Oliver Dowden CBE MP. The main takeaways were:
1. The growing threat China posed to the world economy if we don’t keep pace with their technological developments, coupled with its ambition to become the world leader in technology. This has become more apparent considering the increased reliance western organisations place on China to provide for the global supply chain.
2. The skills shortage within the industry still remains an on-going issue within the UK where roughly 13,000 people are needed to plug the gap within the workforce and maintain a robust cyber resilience for the UK economy.
3. GovAssure officially launched and will require government entities to undergo an assessment of their cyber security set-up against one of two NCSC Cyber Assessment Frameworks (CAF). The aim for this is to ensure that each government entity has a risk profile and is able to better understand the level of cyber resilience across government so that any vulnerabilities can be addressed before they are exploited.
4. Advances in quantum computing and artificial intelligence (AI) proved to be popular topics of conversation with panel discussions highlighting the growing need to exploit the opportunities that could be gained from adopting these sooner rather than later, but airing caution over the potential new threats they may pose to organisations and the speed at which cyber criminals are able to exploit new technologies.
5. AI remains to be one of the most exciting technologies to be used within the cyber industry, however, organisations are still slow to adopt new technologies. There is increasing concern regarding the amount of technical debt within UK organisations that neglect updating their IT systems and do not have the foundations of cyber resilience in place.
6. The need to collaborate with partners, vendors, and governments. The sharing of intelligence and providing an increased transparency of technologies and standards significantly helps those smaller states that don’t have the resources available to develop their own technologies. They rely on the likes of the US and UK to lead the developments in cyber standards and practices.
One key statistic that stood out for me was that only 13% of primes assess the risks associated with their suppliers. From this there was a call for introducing joint top table exercises so supply chains can become more resilient when things go wrong and partners can work together to overcome the threats and vulnerabilities quickly to minimise damages.
If you’d like to learn more about how the Methods Cyber and Technical Advisory team can help your organisation to adapt and comply with Gov Assure, or to become a more resilient organisation, please take a look at what we have to offer on Cyber Methods and get in touch!