National Cyber Security Centre- Experts & Thought Leaders

Latest National Cyber Security Centre news & announcements

NCSC's annual review: Cyber threats intensifying

The National Cyber Security Centre (NCSC) new cyber chief, Richard Horne, has issued a stark warning about the growing complexity of “widely underestimated” cyber threats. Speaking at the launch of the NCSC’s eighth annual review, Richard Horne, Cyber Security Chief, commented: “What has struck me more forcefully than anything else since taking the helm at the NCSC is the clearly widening gap between the exposure and threat we face, and the defences that are in place to protect us.” Intensity of cyber-attacks Horne emphasised the frequency, sophistication, and intensity of cyber-attacks, which now target everything from healthcare to education, and has called for urgent collective action across public and private sectors to address these evolving threats. He stressed that the human cost of cyber-attacks is undeniable, and the UK’s reliance on technology has left it vulnerable to exploitation. Cost of cyber threats Horne highlighted the increasing frequency and sophistication of hostile cyber activity, particularly from state actors Horne highlighted the increasing frequency and sophistication of hostile cyber activity, particularly from state actors like Russia and China, who exploit the UK's technological dependency to disrupt and cause destruction.  He also pointed to recent cyber incidents, such as attacks on Synnovis and the British Library, which illustrate the human cost of cyber threats and the urgent need to enhance the resilience of critical infrastructure, supply chains, and the economy. UK's cyber risks Andy Ward, SVP International Absolute Security: "The NCSC highlights the alarming reality that the UK's cyber risks are growing faster than our ability to address them. This activity from state actors like Russia and China, combined with increasingly sophisticated cybercriminals leveraging AI, exposes critical vulnerabilities in our infrastructure, economy, and public services." "Alongside the NCSC warnings, our research shows that almost half (47 percent) of businesses have reported an increase in the volume of state-sponsored cyber threats over the past year. This reflects the urgent need for organisations to strengthen their defences against increasingly aggressive and sophisticated threats." Cyber resilience strategy Ward added: "The rise in incidents handled by the NCSC shows that these threats are not just hitting more frequently, but with greater severity. To address this, it is vital to implement a robust cyber resilience strategy." "This includes investing in prevention and recovery technologies to fortify defences, adopting incident response frameworks to reduce risks and minimise downtime, and enabling real-time visibility across all devices and applications so centralised IT teams can detect suspicious activity early." Digital health and security risk Matt Gibney, CTO of adCAPTCHA, commented: “Cyber and bot attacks are no longer a distant concern, they are a very real and growing threat that can target any organisation or individual." "With services becoming increasingly digitised, creating countless new entry points for cybercriminals, it's critical for businesses to conduct regular audits of their digital health and security risk to avoid falling victim to a costly breach." Cybersecurity audit Gibney added: "The NCSC highlights how the risks we face are widening faster than our defences can keep up, with cyber threats becoming more frequent, sophisticated, and impactful. A key part of these risks is the rise of bot networks. Once bots infiltrate IT systems, they can scrape and steal valuable data, sell monetised advertising space and content, and cause major financial losses." "This why monitoring for the presence of bot networks should be an essential part of any cybersecurity audit. Uncovering the full extent of bot issues allows organisations to prioritise investment in detection and prevention systems, ultimately strengthening their overall cyber resilience.” NCSC’s Annual Review The NCSC’s Annual Review highlights the rising use of artificial intelligence (AI) by cybercriminals, making attacks more efficient and harder to detect. Over the past year, the NCSC managed 430 cyber incidents, including a rise in data exfiltration and ransomware attacks, with sectors such as academia, manufacturing, and IT remaining highly vulnerable. The NCSC urges organisations to adopt stronger cybersecurity practices to mitigate these risks.

Bugcrowd & SEC DATACOM fight cyber threats in Finland

Bugcrowd, the crowdsourced security pioneer, has signed value-added distributor SEC DATACOM as a distributor in Finland and the Baltic states in an initiative to combat the region’s rapidly escalating cybersecurity threats. These include nation-state attacks on critical infrastructure, government bodies and businesses. The alliance gives Bugcrowd access to SEC DATACOM’s network of 400-500 IT resellers, system integrators and managed security providers (MSPs) in the region. Bugcrowd Crowdsourced platform SEC DATACOM stands to reduce its oversight in IT security with the Bugcrowd platform SEC DATACOM stands to consolidate its leadership in IT security with the Bugcrowd Crowdsourced platform. A report published earlier this year which looked at the cyber resilience of 70 countries concluded that Finland was the country that was the best protected in the world against cyberattacks. Juuso Järvenmäki, Country Manager Finland & Baltics, SEC DATACOM said: “That doesn’t mean we’re winning. It means we’re fighting back harder. The geopolitics of the region including our border with Russia and the recent decision of Finland to join NATO explain why we take cybersecurity so seriously. Our defences reflect the scale of the threat, which continues to increase." Systematic and proactive approach Järvenmäki added: "Last year, Finland’s National Cyber Security Centre noted a four-fold rise in ransomware attacks and a record number of DDoS attacks." “Finnish organisations of all kinds are struggling with the global shortage of cybersecurity skills and there is growing recognition that if we want to stay ahead of the threat, we need a new approach. SEC DATACOM believes the Bugcrowd AI-powered crowdsourced platform gives us access to the right skills and technology that enables a systematic and proactive approach to cyber defence.” Advanced cybersecurity culture Bugcrowd’s passion for providing local activity and support is a key factor in selecting them as a partner Järvenmäki highlighted Bugcrowd’s passion for establishing local training and support as a key factor in selecting them as a strategic partner.  Veera Pennala, Enterprise Account Executive, Bugcrowd said: “Finland has an advanced cybersecurity culture and a strong appetite for innovation, and crowdsourced security is still a relatively new concept in the region. We’re excited to work with SEC DATACOM to bring a proactive security approach with our community of hackers.” Benefits of crowdsourced security Jacques Lopez, VP of Global Channel Sales & Strategic Alliances, Bugcrowd said: “Bug bounty programmes get most of the attention but they’re only part of the story. The Bugcrowd platform supports organisations to build a comprehensive understanding of the attack surface and potential weaknesses in their security posture, as well as automating the management of remediation processes." "Our model is built on a three-way alliance with the ethical hacker community and the channel. We believe the relationship with SEC DATACOM will be critical to bringing the benefits of crowdsourced security to a region that is in the front line of global cyber defence.”

Expansion into AI and security-by-design boom propels IriusRisk towards significant growth in 2023

IriusRisk, the industry-renowned platform for automated threat modeling, grew by more than 50% in 2023, in large part as a result of the company’s expansion into Artificial Intelligence (AI). The company reported a 51% Annual Recurring Revenue (ARR) growth from December 2022 to December 2023, driven by strategic moves into AI and impressive customer retention and expansion rates.  AI expansion The expansion into AI is part of the company's wider plans to power the development of advanced AI-driven threat modeling solutions, transforming how the company can help its customers design secure software and systems. In particular, IriusRisk’s ability to threat model machine learning and AI systems, as well as embedding Gen AI into its product has enabled the company to solve one of the key points of friction with threat modeling - the time it takes for data flow diagrams to be drawn.  Cyber security National Cyber Security Centre warned that new AI tools will lead to an increase in cyberattacks The implications of the rapid development of AI on cyber security are a significant cause for concern. Earlier in 2024, the National Cyber Security Centre (NCSC, part of GCHQ) warned that new AI tools will lead to an increase in cyberattacks and lower the barrier of entry for less sophisticated hackers to do digital harm.  As such, the appointments of a new Head of AI - Jose Lopez - in February 2024, alongside Chief Commercial Strategy Officer - Mark Watson in August 2023, were particularly well timed and both have strengthened the company’s growth capabilities. AI & ML Security Library In October, IriusRisk also published its AI & ML Security Library, which allows organisations to model their planned ML software, and quickly understand what the security risks are, as well as understand what they need to do to mitigate each of those risks before they build AI systems.  This security-by-design approach means that engineering teams can quickly understand what the security requirements for building an AI system that meets their organisations security and data privacy policies. Other highlights from 2023 Strong customer retention and expansion rates - In 2023, 55% of existing customers expanded their engagements with IriusRisk, highlighting the company's ability to deliver tangible value and foster long-term partnerships. Increased headcount - By December 2023, the IriusRisk team had expanded to 161 members, a notable 34% increase on December 2022. A diverse and inclusive culture - IriusRisk employs three times more women than the average for tech companies. It scored 83% for employee engagement via the Employee Net Promoter Score (ENPS), 12% higher than the industry average. Expansion of Threat Modeling Connect - Since its launch in November 2022, IriusRisk’s Threat Modeling Connect platform - a global community to facilitate collaboration and sharing between threat modeling practitioners - has reached 1,500 members. Threat modeling Threat modeling as an activity - for SaaS and the free-to-use Community Edition is on the rise, with more clients Overall, threat modeling as an activity - for SaaS and the free-to-use Community Edition is on the rise, with more clients meaning more businesses using it as a tool for cyber defence. The IriusRisk platform saw a two-thirds (67%) increase in the number of active users, while the number of threat models created increased by more than a third (35%).  AI enhancements Stephen de Vries, CEO of IriusRisk, commented, "It’s been another strong year of growth for IriusRisk. I’m particularly pleased with the enhancements made to our AI capabilities - by doing so, we have strengthened IriusRisk’s capacity to deliver cutting-edge security solutions for our clients that adapt to the continuously evolving cyber challenge." Stephen de Vries adds, "Our expansion into AI, coupled with several strategic hires, underscores our commitment to staying ahead of technological advancements, bolstering defences against emerging cyber threats."

Insights & Opinions from thought leaders at National Cyber Security Centre

The physical side of data protection

The impact of the COVID-19 pandemic has accentuated our digital dependency, on a global scale. Data centres have become even more critical to modern society. The processing and storage of information underpin the economy, characterised by a consistent increase in the volume of data and applications, and reliance upon the internet and IT services. Data centres classed as CNI As such, they are now classed as Critical National Infrastructure (CNI) and sit under the protection of the National Cyber Security Centre (NCSC), and the Centre for the Protection of National Infrastructure (CPNI). As land continues to surge in value, data centre operators are often limited for choice, on where they place their sites and are increasingly forced to consider developed areas, close to other infrastructures, such as housing or industrial sites. Complex security needs One misconception when it comes to data centres is that physical security is straightforward One misconception when it comes to data centres is that physical security is straightforward. However, in practice, things are far more complex. On top of protecting the external perimeter, thought must also be given to factors, such as access control, hostile vehicle mitigation (HVM), protecting power infrastructure, as well as standby generators and localising security devices to operate independently of the main data centre. Face value How a site looks is more important than you may think. Specify security that appears too hostile risks blatantly advertising that you’re protecting a valuable target, ironically making it more interesting to opportunistic intruders. The heightened security that we recommend to clients for these types of sites, include 4 m high-security fences, coils of razor wire, CCTV, and floodlighting. When used together in an integrated approach, it’s easy to see how they make the site appear hostile against its surroundings. However, it must appear secure enough to give the client peace of mind that the site is adequately protected. Getting the balance right is crucial. So, how do you balance security, acoustics and aesthetics harmoniously? Security comes first These are essential facilities and as a result, they require appropriate security investment. Cutting corners leads to a greater long-term expense and increases the likelihood of highly disruptive attacks. Checkpoints Fortunately, guidance is available through independent accreditations and certifications, such as the Loss Prevention Certification Board’s (LPCB) LPS 1175 ratings, the PAS 68 HVM rating, CPNI approval, and the police initiative - Secured by Design (SBD). Thorough technical evaluation and quality audit These bodies employ thorough technical evaluation work and rigorous quality audit processes to ensure products deliver proven levels of protection. With untested security measures, you will not know whether a product works until an attack occurs. Specifying products accredited by established bodies removes this concern. High maintenance Simply installing security measures and hoping for the best will not guarantee 24/7 protection. Just as you would keep computer software and hardware updated, to provide the best level of protection for the data, physical security also needs to be well-maintained, in order to ensure it is providing optimum performance. Importance of testing physical security parameters Inspecting the fence line may seem obvious and straightforward, but it needs to be done regularly. From our experience, this is something that is frequently overlooked. The research we conducted revealed that 63% of companies never test their physical security. They should check the perimeter on both sides and look for any attempted breaches. Foliage, weather conditions or topography changes can also affect security integrity. Companies should also check all fixtures and fittings, looking for damage and corrosion, and clear any litter and debris away. Accessibility When considering access control, speed gates offer an excellent solution for data centres. How quickly a gate can open and close is essential, especially when access to the site is restricted. The consequences of access control equipment failing can be extremely serious, far over a minor irritation or inconvenience. Vehicle and pedestrian barriers, especially if automated, require special attention to maintain effective security and efficiency. Volume control Data centres don’t generally make the best neighbours. The noise created from their 24-hour operation can be considerable. HVAC systems, event-triggered security and fire alarms, HV substations, and vehicle traffic can quickly become unbearable for residents. Secure and soundproof perimeter As well as having excellent noise-reducing properties, timber is also a robust material for security fencing So, how do you create a secure and soundproof perimeter? Fortunately, through LPS 1175 certification and CPNI approval, it is possible to combine high-security performance and up to 28dB of noise reduction capabilities. As well as having excellent noise-reducing properties, timber is also a robust material for security fencing. Seamlessly locking thick timber boards create a flat face, making climbing difficult and the solid boards prevent lines of sight into the facility. For extra protection, steel mesh can either be added to one side of the fence or sandwiched between the timber boards, making it extremely difficult to break through. A fair façade A high-security timber fence can be both, aesthetically pleasing and disguise its security credentials. Its pleasant natural façade provides a foil to the stern steel bars and mesh, often seen with other high-security solutions. Of course, it’s still important that fencing serves its primary purposes, so make sure you refer to certifications, to establish a product’s security and acoustic performance. Better protected The value of data cannot be overstated. A breach can have severe consequences for public safety and the economy, leading to serious national security implications. Countering varied security threats Data centres are faced with an incredibly diverse range of threats, including activism, sabotage, trespass, and terrorism on a daily basis. It’s no wonder the government has taken an active role in assisting with their protection through the medium of the CPNI and NCSC. By working with government bodies such as the CPNI and certification boards like the LPCB, specifiers can access a vault of useful knowledge and advice. This will guide them to effective and quality products that are appropriate for their specific site in question, ensuring it’s kept safe and secure.

Quick poll
What is the most significant challenge facing smart building security today?