Tag Archives: BT Security

UK Government announces further measures to boost cyber security defences in the UK

On Friday 12 December, Francis Maude – Minister for the Cabinet Office – hosted an event at the Institute for Chartered Accountants of England and Wales in central London marking the third anniversary of the UK’s Cyber Security Strategy. On the day, Maude unveiled several additional measures being put forward by the Government to assist in safeguarding the online space for all citizens.

The event was designed specifically to address leaders in industry, academia and Government and highlight ways in which the UK is building skills to boost its growing cyber security sector. It follows hot on the heels of a report to Parliament on progress and forward plans scripted to make the UK one of the safest places in which to do business online.

Increasing the number of people with the right cyber skills is vital for both Government and industry as the UK collectively faces the reality of cyber threats. The Government’s work to improve the UK’s cyber security defences is led by the Cabinet Office, the Department for Business, Innovation and Skills and, of course, GCHQ.

Maude announced that the Government has committed to:

*Grants for colleges and universities in Birmingham, Liverpool, Lancashire and Newcastle that will improve cyber security education and learning (the grants being realised in partnership with companies including Barclays Bank and Hut Group, the online retailer)
*New cyber camps and mentoring schemes run in conjunction with the Cyber Security Challenge UK and the Cyber Growth Partnership to help computing graduates gain practical experience and begin a career in cyber security
*Cryptoy: a new and innovative Android app designed by students on placements at GCHQ to highlight exciting developments in cipher and code-breaking for a new generation of cyber specialists
*A virtual hub operated in conjunction with the Council of Registered Ethical Security Testers (CREST) that’s ultimately designed to inspire students towards cyber security careers and provide advice and information on job opportunities
*New cyber security careers resources for students within the Graduate Prospects careers website
*An updated guide for business on the cyber security skills initiatives that will help develop the skills of their own staff members and nurture future talent

“As part of this Government’s long-term economic plan,” stated Francis Maude, “we want to ensure that Britain is one of the safest places in which to do business online. Over the past three years, we’ve taken a strategic approach to improving cyber security, working with others to deliver schools programmes. We’ve also certified six Masters degrees and established two centres for doctoral training alongside 11 Academic Centres of Excellence.”

The MP continued: “Given the work of Alan Turing and Bletchley Park in days gone by, the UK has a proud heritage in cryptography and computer science. Today, no less than 40,000 people work in our cyber industry and we have 14 cyber security ‘clusters’ across the country, but we do want to develop greater skills and encourage more people to pursue a career in this growth area.”

Maude concluded: “We do hope the Cryptoy app will spark a new interest among individuals to pursue a career in cyber security. Our new cyber camps, mentors and Higher Education Academy grants will help more people when it comes to embarking on a cyber security career.”

Read the minister’s speech in full

Francis Maude MP delivering his speech at the Institute for Chartered Accountants in England Wales, central London

Francis Maude MP delivering his speech at the Institute for Chartered Accountants in England Wales, central London

UK’s cyber security talent pool

Stephanie Daman, CEO of the Cyber Security Challenge UK, responded to the MP’s speech by stating: “This announcement highlights the Government’s ongoing commitment to improving the size and quality of the UK’s cyber security talent pool. It also demonstrates a real understanding of the fact that addressing our cyber security skills gap requires a sustained programme of targeted support for innovative programmes and initiatives that are inspiring the next generation of cyber professionals.”

Daman added: “Government’s support now spans a huge range of opportunities, from innovative tools such as Cryptoy to a national mentoring programme and a raft of new cyber camps designed to inspire budding cyber defenders. As a country, we’re now creating extraordinary opportunities for young people who demonstrate the aptitude and appetite to forge successful and rewarding careers in cyber security. I’m encouraged that, with the continued backing of Government, UK businesses and academia we’re doing exactly what’s required to future-proof the cyber security capabilities of the UK.”

Mark Hughes, president of BT Security, explained: “Making certain that security’s right and protecting businesses, Government and the general public against cyber attacks is vitally important. Data breaches and attacks are an everyday threat to business and, with the UK cyber security industry now worth £6 billion a year, it’s critical that we build a pipeline of talented people to fill the gap in skills we’re currently experiencing.”

Hughes went on to say: “Recruiting into the industry is notoriously difficult. On that basis, it’s critical that we engage in strategic activity that helps find the right people, prepares them for jobs in the industry, trains them and makes them ready to take on key roles in the cyber security profession.”

In conclusion, Hughes outlined: “It’s for this reason that BT is proud to be supporting the cyber camps and mentoring schemes announced by Francis Maude. It’s not enough that we concentrate on developing the workforce of today. If we’re to build and maintain resilient infrastructure in the UK then we simply must develop the workforce of the future. BT is fully committed to helping create that workforce.”

Professor Stephanie Marshall, CEO of the Higher Education Academy, also voiced opinion on the matter. “If the UK is to be equipped to respond to cyber threats,” opined Marshall, “we need to strengthen the pipeline of cyber talent and help prepare students for entry-level security career opportunities. The Higher Education Academy is pleased to be able to offer support to higher education providers when it comes to developing innovative projects involving strong partnership with businesses that will improve cyber security teaching and learning across the discipline of computing and the sectors beyond.”

Marshall also explained: “All four projects launched at this event have the potential to do this, thereby helping to improve the skills of graduates, address the shortage of cyber security skills and future-proof the country’s IT sector, in turn making it more resilient to possible cyber attacks.”

Leave a comment

Filed under Risk UK News

GCHQ certifies Masters degrees in cyber security

The certification of six Masters degrees in cyber security has been announced by Francis Maude, Minister for the Cabinet Office. This announcement marks another significant step in the development of the UK’s knowledge, skills and capability in all fields of cyber security as part of the National Cyber Security Programme.

The National Cyber Security Strategy recognises education as being absolutely vital to the development of cyber security skills and, earlier in the year, UK universities were invited to submit their cyber security Masters degrees for certification against GCHQ’s stringent criteria for a broad foundation in cyber security.

Partnerships have been key throughout the process with the assessment of applicants based on the expert views of industry, academia, professional bodies, GCHQ and other Government departments.

The six successful Masters degrees were judged to provide well-defined and appropriate content, with all of them delivered to the highest standard.

Francis Maude MP: Minister for the Cabinet Office

Francis Maude MP: Minister for the Cabinet Office

Development of GCHQ-certified Masters degrees will help the successful universities to promote the quality of their courses and assist prospective students in making better informed choices when looking for a highly valued qualification. It also assists employers to differentiate between candidates when employing cyber security staff.

A further call for Masters certification will take place in late 2014 and extend to those degrees focused on critical areas of cyber security such as digital forensics.

Details of certified status for six universities

The six successful universities whose cyber security Masters degrees have been awarded GCHQ-certified status are as follows:

Full certified status
Edinburgh Napier University: Degree – MSc in Advanced Security and Digital Forensics
Lancaster University: Degree – MSc in Cyber Security
University of Oxford: Degree – MSc in Software and Systems Security
Royal Holloway, University of London: Degree – MSc in Information Security

Provisional certified status
Cranfield University: Degree – MSc in Cyber Defence and Information Assurance
University of Surrey: Degree – MSc in Information Security

“Every time I visit GCHQ I see at first-hand the tremendous work being conducted in relation to cyber security,” explained Francis Maude MP. “Cyber security is a crucial part of this Government’s long term plan for the British economy. We want to make the UK one of the safest places in the world to do business online. Through the excellent work of GCHQ in partnership with other Government departments, the private sector and academia we’re able to counter threats and ensure that, together, we’re stronger and more aware.”

Nigel Smart, Professor of Cryptology at the University of Bristol, stated: “I’m delighted to have been appointed as independent chairman of the panel that assessed applications, and am excited that GCHQ has introduced this rigorous standard for judging general cyber security Masters degrees. For the first time, UK universities which become certified will have a means to promote the quality of the cyber security issues they teach.”

Smart also commented: “Over the next few years, as GCHQ certification is applied to more specialised areas of cyber security, I expect the number of UK universities achieving certification of their Masters degrees to increase, thereby helping to raise the overall standard of teaching in cyber security at Masters level.”

Mark Hughes, the President of BT Security, commented: “At BT, we’re acutely aware of the impact of the UK cyber skills gap. Recruiting the right people with the right knowledge and skills is a big deal for us. As a leading Internet service provider we want to employ the very best. That’s why we welcome GCHQ’s certification of Masters degrees in cyber security. The fact that GCHQ recognises these courses as high calibre gives us, at BT, the confidence that those graduating with a Masters from one of these universities will have the sound knowledge base in cyber security we would be looking for. This is a great step forward in developing the cyber specialist of tomorrow.”

Chris Ensor, deputy director for the National Technical Authority for Information Assurance at GCHQ, added: “As the National Technical Authority for Information Assurance, GCHQ recognises the critical role academia plays in developing the UK’s skills and knowledge base. I’d like to congratulate the universities which have been recognised as offering a Masters degree which covers the broad range of subjects that underpin a good understanding of cyber security. I’d also encourage those that didn’t quite make it this time around to reapply in the near future, particularly as we begin to focus on more specialised degrees. Recognition of these degrees is an important first step towards delineating academic Centres of Excellence in cyber security education.”

Leave a comment

Filed under Risk UK News

‘UK companies lag behind the US in cyber security readiness’ reveals BT survey

Many Board level executives around the world are still failing to address cyber security issues, while hacktivism and malicious insider threats (intentional leaks) are perceived to be on the rise.

Just 17% of UK business leaders view cyber security as a major priority compared to 41% in the US, research from BT has revealed.

The research, which assessed attitudes to cyber security and levels of preparedness among IT decision-makers, highlights that UK businesses are lagging behind their US counterparts in crucial areas.

Only one-in-five (21%) respondents in the UK are able to measure the return on investment (ROI) of their cyber security measures compared to nine-in-ten (90%) of US companies. Similarly, 86% of US directors and senior decision-makers are given IT security training compared to just 37% in the UK.

More than half (58%) of IT decision-makers globally stated that their Boards underestimate the importance of cyber security. This figure increases to 74% in the US but drops to 55% in the UK.

Hacktivism set to pose greater risk

The difference in levels of preparedness correlates with attitudes to threats. Non-malicious insider threats (eg accidental loss of data) are currently the most commonly cited security concern globally, being reported as a serious threat by 65% of IT decision-makers.

In the UK, this falls to 60% and is followed by malicious insider threats (51%), hacktivism (37%), organised crime (32%), nation states (15%) and terrorism (12%).

In the US, the proportion of IT decision-makers who see non-malicious insider threats as a severe threat increases to 85% and is followed by malicious insider threats (79%), hacktivism (77%), organised crime (75%), terrorism (72%) and nation states (70%).

Mark Hughes: CEO at BT Security

Mark Hughes: CEO at BT Security

Looking ahead, more than half of global IT decision-makers believe that hacktivism (54%) and malicious insider threats (53%) will pose a greater risk over the next 12 months. In the US, this increases to 73% and 74% respectively. This compares to 29% and 23% in the UK.

Globally, terrorism is seen as the threat least likely to pose more risk over the next 12 months.

Myriad of internal and external threats

Mark Hughes, CEO of BT Security, said: “The research provides a fascinating insight into the changing threat landscape and the challenge this poses for organisations around the world. The massive expansion of employee-owned devices, cloud computing and extranets has multiplied the risk of abuse and attack, leaving organisations exposed to a myriad of internal and external threats which are malicious or accidental.”

Hughes continued: “US businesses should be celebrated for putting cyber security on the front foot. The risks to business are moving too fast for a purely reactive security approach to be successful. Nor should cyber security be seen as an issue for the IT Department alone.”

In response to emerging threats, three quarters (75%) of IT decision-makers globally say they would like to overhaul their infrastructure and design them with security features from the ground up. 74% would like to train all staff in cyber security Best Practice. Similarly, just over half (54%) say they would like to engage an external vendor to monitor the system and prevent attacks.

Hughes added: “As the threat landscape continues to evolve, CEOs and Board level executives need to invest in cyber security and educate their people in the IT Department and beyond. The stakes are too high for cyber security to be pushed to the bottom of the pile.”

About the research

This research was undertaken by Vanson Bourne for BT in October 2013.
Five hundred interviews were carried out with IT decision-makers in medium-to-large sized enterprises across seven countries – UK, France, Germany, USA, Brazil, Hong Kong and Singapore – and in a range of sectors (finance, pharmaceutical, retail and government).

BT Security: staying ahead of the threat curve

BT Security is building on 70 years’ experience of helping organisations around the globe and across all sectors get ahead of the threat curve and reduce the uncertainty and complexity of security.

The company provides an end-to-end capability to help organisations enjoy higher levels of security at a time when security budgets are not keeping pace with the threat landscape.

BT Security thinks about assets, people and processes, and combines these with both network and security intelligence to help customers stay ahead of the security risks.

BT Security protects both BT and its customers. These customers are advised by a global team of 1,300 security practitioners, 600 global security specialists and a professional services team of approximately 4,000.

The BT Security Assure portfolio covers: Assure Managed Firewall, Assure Web Security, Assure Intrusion Prevention, Assure Message Scan, Assure Denial of Service Mitigation, Assure Cyber, Assure Managed Cloud, Assure Threat Monitoring and Assure Vulnerability Scanning.

To find out more about BT Security visit: http://www.bt.com/btassure/securitythatmatters

Leave a comment

Filed under IFSECGlobal.com News