Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts By :

Stuart O'Brien

Universities invited to apply for NCSC certification

960 640 Stuart O'Brien

Universities across the UK now have a further opportunity for their cyber-security related degrees to gain certification as part of the National Cyber Security Strategy.

After a rigorous process, the National Cyber Security Centre (NCSC) – a part of GCHQ – has already certified 23 Master’s degrees, three Integrated Master’s and three Bachelor’s degrees from 19 universities over the last four years.

With applications now open the NCSC is looking for fresh candidates to increase these figures, with degree apprenticeships now also eligible.

NCSC-certified degrees are designed to help universities attract high quality students from around the world, employers to recruit skilled staff and prospective students to make better informed choices when looking for a highly valued qualification.

The degree certification programme is part of a range of programmes which the NCSC and its government partners have initiated across UK academia designed to address the knowledge, skills and capability requirements for cyber security research and education.

The other programmes include Academic Centres of Excellence in Cyber Security Research (ACEs-CSR), Academic Research Institutes, and Centres for Doctoral Training in Cyber Security.

Chris Ensor, NCSC Deputy Director for Cyber Skills and Growth, said: “I’m really pleased that we’ve now launched a programme for certifying degree apprenticeships.  This will be a valuable addition to our certified undergraduate and postgraduate degree programmes.

“Degree Apprenticeships offer a flexible option for both students and employers, as we have seen from our own Degree Apprenticeship programme.

“I’m really looking forward to seeing some more successful applications, and strongly encourage any interested universities to get in touch and find out more.”

Universities Minister Chris Skidmore said: “The fast-paced world of technology is constantly evolving and it is vital that young people have the option to study high quality courses in cutting edge industries, such as cyber security.

“We want to maximise choice and flexibility for people wanting to study in higher education, whether that’s as part of a traditional course or a degree apprenticeship.

“Not only will these certified degrees provide a benchmark for future cyber security professionals, but also help to ensure they are ready for the world of work and prepare them for an exciting career.”

Institutions who are interested in applying for certification can find out further detail via https://www.ncsc.gov.uk/information/ncsc-degree-certification-call-new-applicants-0

ThreatAware debuts cybersecurity solution for non-specialist staff

960 640 Stuart O'Brien

An ambitious software platform that allows businesses to monitor all of their cybersecutiy needs has been launched.

ThreatAware, a joint enterprise between entrepreneurs Steve Thomson and Jon Abbott, brings together cybersecurity tools and company-wide compliance procedures on a single screen, and is suitable for use by IT and cybersecurity professionals as well as by non-technical managers and directors.

Thompson and Abbott are co founders of London-London-based IT services company Priority One. The platform has been developed with backing from angel investors, in a direct response from their own clients’ needs.

“Cyber security is not solely the responsibility of the IT team but is a company-wide challenge. As many breaches stem from human error or internal threats, training staff and having the right policies are procedures in place are critical,” said Abbott.

“By monitoring tools, people and processes on one dashboard, ThreatAware co-ordinates the roles of people throughout the business, ensuring everyone plays their part. It simplifies compliance with GDPR and other standards, saves time for IT staff and provides peace of mind for directors.”

88% of UK businesses have suffered a cyber attack in the last year

960 640 Stuart O'Brien

The UK’s cyber threat environment is intensifying, with attacks growing in volume along with an increased amount of security breaches.

New research, commissioned by leading next-generation endpoint security company Carbon Black and released in its second UK Threat Report, found that:

  • 88% of UK organisations reported suffering a breach in the last 12 months
  • The average number of breaches per organisation over the past year was 3.67
  • 87% of organisations have seen an increase in attack volumes
  • 89% of organisations say attacks have become more sophisticated
  • 93% of organisations plan to increase spending on cyber defence

The research also found that compared with the previous report, published in September, the average number of breaches has increased from 3.48 to 3.67. More than 5% of organisations have seen an increase in attack volumes.

100% of Government and Local Authority organisations surveyed reported being breached in the past 12 months, suffering 4.65 breaches, on average. 40% have been breached more than five times. In the private sector, the survey indicates that Financial Services are the most likely to report a breach, with 98% of the surveyed companies reporting breaches during the past 12 months.

Discussing the report, Rick McElroy, Head of Security Strategy for Carbon Black, said: “We believe our second UK threat report underlines that UK organisations are still under intense pressure from escalating cyberattacks.

“The report suggests that the average number of breaches has increased, but as threat hunting strategies start to mature, we hope to see fewer attacks making it to full breach status.”

The report also found that malware remains the most prolific attack type in the UK, with more than a quarter (27%) of organisations naming it the most commonly encountered. Ransomware holds second position (15%). However, the human factor plays a part in the attacks resulting in breaches. Phishing attacks appear to be at the root of one in five successful breaches. Combined, weaknesses in processes and outdated security technology were reported factors in a quarter of breaches, indicating that failures in basic security hygiene continue to be high risk vectors that organisations should address as a priority.

Organisations across all sectors reported increases in the volume of attacks during the past 12 months. However, of the organisations surveyed, Government and Local Authority organisations saw particularly high increases, with 40% noting more than 50% increase in the number of attacks. Similarly, in Healthcare, 29% of respondents noted increases of 50% or more.

60% of UK organisations surveyed said they are actively threat hunting and more than a quarter (26%) have been doing so for a year or more. A very encouraging 95% reported that threat hunting has strengthened their defences. The survey results suggest that threat hunting is most mature in the financial services sector, with 53% threat hunting for more than a year.

“We believe threat hunting is an integral part of a mature security posture,” McElroy said. “It’s encouraging to see this numbers continuing to climb.”

A copy of the report can be downloaded here:

https://www.carbonblack.com/resources/threat-research/global-threat-report-series

Tech Nation rolls out cybersecurity business growth initiative

960 640 Stuart O'Brien

A panel of senior executives working within the tech and security sectors will assist in the selection of the 20 most promising cyber companies within the UK as part of an ambitious project designed to help build and grow business in domestic and global markets.

Tech Nation, a UK network of digital tech entrepreneurs, has launched the initiative ‘Cyber’, starting in April, with a six-month, non-residential programme exposing those that take part to expertise along with providing connections required to grow their businesses.

The judging panel include Robert Coles, Chief Information Security Officer at NHS; Dr Emma Philpott, CEO at The IASME Consortium; Talal Rajab, head of programme for techUK’s Cyber and National Security programmes; Alastair Paterson, CEO and co-founder of Digital Shadows and James Chappell co-founder and Chief Innovation Officer of Digital Shadows.

UK Government data had revealed that there are currently more than 80 cyber security businesses with UK headquarters, with SMEs making up 89% of the total.

With cyber attacks on the rise within the UK and the rapid development of the Internet of Things creating new vulnerabilities at the interface between digital and physical systems, the Cyber programme aims to boost the UK’s digital security sector by helping grow 20 startup companies.

“What we have put together is a programme that will help businesses on the cohort move up to the next level,” said Ollie Bone, Cyber Lead at Tech Nation.

“Making the transition from startup to scaleup requires founders and managers to develop new and often challenging personal and business skills. But scaling up also involves reaching out and making connections across the security industry itself and in the customer marketplace. What we’re offering in Cyber is a real opportunity to overcome the factors that might be putting a brake on growth.”

Digital Minister Margot James said: “To stay ahead of cyber threats it is crucial we support and promote our world-class cyber security industry. Tech Nation’s new programme will not only help young businesses to expand but ensure our thriving cyber sector continues to grow.”

Take care of all your IT security needs this July

960 640 Stuart O'Brien

The Security IT Summit takes place on July 2nd in London, providing cybersecurity experts with a unique opportunity to discover new solutions and learn new skills.

You are invited to attend for FREE as a VIP guest, with your ticket also including lunch and refreshments.

You’ll be matched for series of pre-arranged, 1-2-1 meetings with suppliers who match your requirements and projects, plus you’ll have the opportunity to attend insightful and educational seminar sessions.

Add your name to the guest list. You will be joining other cyber security professionals representing the likes of:

Alzheimer’s Society
Brett Group
Catalyst
Derwentside College
EPR Architects
Federation of Royal Colleges of Physicians of the UK
Glenny LLP
Heathrow Airport
Hesley Group
Pickering Interfaces
Professional Standards Authority
Marshall Motor Group
Soldiers Charity
TGI Fridays
The Salvation Army
United International Pictures
XP Power

We have just 60 places available so register for your free place here today.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

UK begins cybersecurity diversity drive

960 640 Stuart O'Brien

Four new projects across England to encourage more women, BAME, and neurodiverse candidates into a career in cyber security have been announced by Digital Minister Margot James.

They will each jointly benefit from a total investment of at least £500,000 as part of the next round of the Cyber Skills Immediate Impact Fund (CSIIF).

The aim of the Fund is to boost not only the total number, but the diversity of those working in the UK’s cyber security industry. The government says the initiative will help organisations develop and sustain projects that identify, train and place untapped talent from a range of backgrounds into cyber security roles quickly.

The projects receiving funding are:

Crucial Academy: Diversity in Cyber Security – This initiative based in Brighton looks to retrain veterans in cyber security, in particular focusing on women, neurodiverse candidates and BAME individuals.

QA: Cyber Software Academy for Women – This project running in London, Bristol, and Manchester will train and place a cohort of women into cyber development job roles within industry. An additional cohort will also be trained in Birmingham as part of the West Midlands Combined Authority Skills Deal.

Blue Screen IT: HACKED – This Plymouth based initiative will scale up an already existing programme which identifies, trains, and places individuals, including neurodiverse candidates, those with special needs and those from disadvantaged backgrounds into a cyber security career.

Hacker House Ltd: Hands on Hacking, Training and Employer Portal – This project based online will develop a portal allowing for an increased number of people to be trained and then engage with employers.

The CSIIF pilot was launched in February 2018 and was open to initiatives delivered in England. The Fund is one of a range of initiatives designed in support of the National Cyber Security Strategy’s aim of developing a sustainable supply of home-grown cyber security talent in the UK.

Digital Minister Margot James said: “Our cyber security industry is thriving but to support this growing success we need a skilled and diverse workforce to match. These latest projects show that whatever your background, ethnicity or sex, there are opportunities to join the cyber security profession. We want to demonstrate that you can have a dynamic and exciting career in a sector that sits at the heart of our economy, and is a key part of our modern Industrial Strategy.”

Hi-tech car theft warning from Which?

960 640 Stuart O'Brien

New research by consumer watchdog Which? has found that four of the five best-selling car brands in the UK are susceptible to so called ‘keyless theft’.

Analysed data from roadside recovery organisation General German Automobile Club (ADAC) by Which? revealed that out of 237 keyless cars tested by ADAC for keyless attacks only three remained secure, with the Ford Focus, Nissan Qashqai, VW Golf and Ford Fiesta all at risk.

Latest models of Range Rover and Discovery, along with the 2018 Jaguar i-Pace, were resistant to keyless theft.

Thieves fool the car’s onboard keyless security by bypassing the systems with devices that allow them to access the vehicle and drive away. More than 106,000 offences of theft of a motor vehicle were reported to police in England and Wales up to March 2018, the highest figure since 2009, with keyless technology thought to be partly responsible.

In a statement, Which? said: ”Thieves have been using keyless theft for several years, but manufacturers continue to make new models that can be stolen in this way, meaning there is an ever-larger pool of vehicles for thieves to target.”

In a response to the findings, the Society of Motor Manufacturers & Traders (SMMT) said that new cars were “more secure than ever”, with manufacturers “investing billions” in sophisticated security features.

Meanwhile, the AA has released a video sharing its top 10 tips for avoiding car break-ins in light of new Home Office figures that show a 50% increase in vehicle thefts in the last five years.

In 2017, there were 280,313 recorded thefts from vehicles in England & Wales, up 13% on 2016, while 103,644 were stolen, up 19% on 2016.

Network and learn with 60 other senior cyber security professionals

960 640 Stuart O'Brien

The Security IT Summit provides a unique opportunity for you to learn and hone skills, plus network with other security peers from across the UK.

You are invited to attend for FREE as a VIP guest, with your ticket also including lunch and refreshments.

2 July 2019 – Hilton Canary Wharf, London

You’ll be matched for series of pre-arranged, 1-2-1 meetings with suppliers who match your requirements and projects, plus you’ll have the opportunity to attend insightful and educational seminar sessions.

Add your name to the guest list. You will be joining other cyber security professionals representing the likes of:

Alzheimer’s Society
Brett Group
Catalyst
Derwentside College
EPR Architects
Federation of Royal Colleges of Physicians of the UK
Glenny LLP
Heathrow Airport
Hesley Group
Pickering Interfaces
Professional Standards Authority
Marshall Motor Group
Soldiers Charity
TGI Fridays
The Salvation Army
United International Pictures
XP Power

We have just 60 places available so register for your free place here today.

Or for more information, contact Emily Gallagher on 01992 374085 / e.gallagher@forumevents.co.uk.

To attend as a solution provider, call Chris Cannon on 01992 374096 or email c.cannon@forumevents.co.uk.

Government wants to ‘design out’ cyber threats

960 640 Stuart O'Brien

Business Secretary has announced measures for the UK to become a ‘world leader’ in the race against cyber security threats.

The government says businesses and consumers will benefit from increased security and protections built into digital devices and online services with the help of up to £70 million in government investment through the Industrial Strategy Challenge Fund, backed by further investment from industry.

This investment will support research into the design and development of hardware so that they will be more secure and resilient from the outset.

The ambitious aim is to ‘design out’ many forms of cyber threats by ‘designing in’ security and protection technology/solutions into hardware and chip designs, ultimately helping to eradicate a significant proportion of the current cyber risks for businesses and services in future connected smart products.

Clark said the best defence in the future is seen as developing innovative solutions that can work independently and protect against threats even during attacks and that the government wants to ensure that every UK organisation is as cyber secure and resilient as possible.

A further £30 million of government investment will aim to ensure smart systems, such as doors and central heating systems, are safe and secure, with more than 420 million such devices in use across the UK within the next 3 years.

The government is aiming for R&D investment to reach 2.4% of GDP by 2027.

Clark said: “This could be a real step-change in computer and online security, better protecting businesses, services and consumers from cyber-attacks resulting in benefits for consumers and the economy. With businesses having to invest more and more in tackling ever more complex cyber attacks, ‘designing in’ security measures into the hardware’s fabric will not only protect our businesses and consumers but ultimately cut the growing cybersecurity costs to businesses.

Nearly all UK businesses are reliant on digital technology and online services, yet more than 40% have experienced a cyber-security breach or attack in the last 12 months. Hackable home Wi-Fi routers can be used by attackers in botnets to attack major services and businesses. Moreover, consumers are often the worst affected by mass information leaks than the organisation that held their data. Businesses are having to spend increasing amounts on cyber security, up to 20-40% of their IT spend in some cases. And as more and more systems are connected, whether in the home or businesses, there is a need for security that is secure by design.

Digital Minister Margot James said: “We want the UK to be a safer place to live and work online. We’re moving the burden away from consumers to manufacturers, so strong cyber security is built into the design of products. This funding will help us work with industry to do just that, improving the strength and resilience of hardware to better protect consumers from cyber-attacks.”

Dr Ian Levy, National Cyber Security Centre’s Technical Director, said: “The National Cyber Security Centre is committed to improving security from the ground up, and we have been working closely with government to promote adoption of technology and practices to protect the UK.

“We hope this additional investment will drive fundamental changes to products we use every day. This is vital work, because improving hardware can eradicate a wide range of vulnerabilities that cause significant harm.”

Millennials ‘most vulnerable’ to phishing attacks

960 640 Stuart O'Brien

‘Digital savvy’ millennials are more likely to fall victim to cyber threats than baby boomers and older generations, demonstrating a concerning lack of knowledge on cyber threats such as phishing and ransomware.

New research, commissioned by cybersecurity and compliance company Proofpoint for their fifth annual ‘State of the Phish’ report, also revealed that 83 percent of global respondents experienced phishing attacks in 2018, compared to just 10 percent of respondents reporting experiencing a ransomware attack.

Also amongst the standout findings was the revelation that despite popular belief, older generations were actually less likely to fall victim to cyber attacks than their younger counterparts. 58% of those aged 22-27 knew correctly what phishing was, compared to 73% of those aged 54+ who knew correctly what phishing was. In addition, 52% of those aged 54+ knew correctly what ransomware was, whereas only 40% of those aged 22-37 knew correctly what ransomware was.

“Email is the top cyberattack vector, and today’s cybercriminals are persistently targeting high-value individuals who have privileged access or handle sensitive data within an organisation,” said Joe Ferrara, general manager of Security Awareness Training for Proofpoint.

“As these threats grow in scope and sophistication, it is critical that organisations prioritise security awareness training to educate employees about cybersecurity best practices and establish a people-centric strategy to defend against threat actors’ unwavering focus on compromising end users.”

“Lack of cybersecurity awareness, in particular amongst the millennial/Generation Z demographic, presents a greater threat than many businesses expect,” added Adenike Cosgrove, strategist, EMEA, Proofpoint.

“Our latest research shows that surprisingly, older generational groups can more accurately identify threats such as phishing and ransomware than digitally-savvy millennials. This tells us that millennials, despite being much more comfortable and at ease with digital platforms, display greater complacency towards threats and perceived risks.

“With the percentage of millennials in the workforce set to reach 50 percent globally by 2020, it’s imperative that businesses focus on developing a people-centric approach to security and deploy cybersecurity awareness training programs that aim to change employee behaviour. The bottom line is that organisations that do not consider the human factor as a key pillar to their cyber defence strategy will continue to be prime targets for cybercriminals, putting their businesses at risk of potentially crippling attacks.”

A copy of the report can be downloaded here: https://www.proofpoint.com/us/resources/threat-reports/state-of-phish