{"id":50501,"date":"2014-11-20T12:23:43","date_gmt":"2014-11-20T12:23:43","guid":{"rendered":"http:\/\/mostafa.openonline.co.uk\/?guid=e420af691911f943731b2599724ef21e"},"modified":"2014-11-20T12:23:43","modified_gmt":"2014-11-20T12:23:43","slug":"speech-govnet-cyber-security-summit-2014-francis-maude","status":"publish","type":"post","link":"https:\/\/mostafa.openonline.co.uk\/?p=50501","title":{"rendered":"Speech: Govnet Cyber Security Summit 2014: Francis Maude"},"content":{"rendered":"
\n

It\u2019s a pleasure to speak to you today.<\/p>\n

Cyber security is a shared responsibility. The internet is too complex for any single organisation to respond alone. So it\u2019s crucial that the public and private sectors come together at events like this to discuss how we can work together to protect ourselves online. <\/p>\n

The timing is good too with The Imitation Game in cinemas, which tells the story of Alan Turing and Bletchley Park. It\u2019s a reminder of Britain\u2019s amazing heritage in cryptography and computer science.<\/a><\/p>\n

If you visit the museum at Bletchley Park they have on display a piece of cable from an early Turing machine. It\u2019s practically all that remains from one of the world\u2019s first proto-computers \u2013 but it only survived by chance. One of the workmen tasked with dismantling the equipment at the end of the war used it to tie up his holdall because the fastener had broken. <\/p>\n

It\u2019s amazing to think the computer age began in a quiet corner of Buckinghamshire, but the need for discretion and secrecy meant the UK\u2019s part in this story was almost forgotten. <\/p>\n

Today, things are different, and we can\u2019t afford to be modest. When Tim Berners-Lee invented the World Wide Web 25 years ago, he did it in a way that was open and free, so that anyone could take his creation and help it expand and grow. <\/p>\n

So as much as we focus on making the cyber threat sound dark and menacing so that people and businesses protect themselves online, we must never lose sight of the benefits and the opportunities that the internet has brought.<\/p>\n

The digital revolution has the power to create jobs, transform public services and to change the way we live and work. In so many areas \u2013 from cyber security to satellite communications \u2013 Britain is at the forefront of developments, and we should be shouting about this from the rooftops: this is a strength for Britain \u2013 and we\u2019re determined to seize the opportunities that the digital age presents.<\/p>\n

National cyber security strategy<\/h2>\n

Cyber attacks are ranked as a tier one threat to the UK. When the coalition was formed in 2010 we conducted a Strategic Defence and Security Review<\/a> that ranked cyber alongside risks like terrorism, international conflict and natural disasters when measured against both the likelihood of occurrence and severity of impact. So when we published the UK\u2019s first Cyber Security Strategy<\/a> \u2013 3 years ago next Tuesday \u2013 we backed it with \u00a3860 million of investment up to 2016. <\/p>\n

Normally my day job is about trying to save money. And when you consider the pressures on spending across government, I think the fact we\u2019re prepared to invest such a large sum in beefing up our cyber resilience is an indication of just how seriously we take this issue. <\/p>\n

Government leading by example<\/h2>\n

It\u2019s absolutely right that government should lead by example, and over the past few years we\u2019ve launched a number of initiatives to secure our own systems and to support others. We want the UK to be one of the safest places in the world to do business \u2013 it\u2019s part of our long term economic plan.<\/p>\n

Only yesterday, CESG, the information security arm of GCHQ, launched a new certified training scheme<\/a> in partnership with APM Group. It will certify cyber security training courses to ensure they meet the required standard. It will also help individuals and businesses quickly identify the courses most relevant to their needs. <\/p>\n

We\u2019re also keen for good cyber practice to reverberate through our supply chain. Since October this year, the government requires all suppliers bidding for certain personal and sensitive information handling contracts to be compliant with the 5 critical controls set out under the Cyber Essentials scheme<\/a>. <\/p>\n

This scheme gives businesses clarity on good basic cyber security practice and will provide protection against the most common threats. It\u2019s often the simplest measures that can make the biggest difference. After going through a certification process, businesses will be able to show they have the right measures in place by displaying the Cyber Essentials badge, which we hope becomes the cyber equivalent of the MOT certificate.<\/p>\n

GOV.UK Verify<\/h2>\n

Cyber security is also an important consideration as we transform the government\u2019s digital presence. We started with GOV.UK<\/a>, a single website for all government services and information, which celebrated its 1 billionth visitor<\/a> last month, despite the fact it\u2019s only been open for 2 years. <\/p>\n

Now we\u2019ve turned our attention to digitising 25 high-volume public services<\/a>.<\/p>\n

One by one these services are becoming faster, clearer and more convenient to use, and the number of people using them continues to grow \u2013 for instance, 1 million people used the new Independent Electoral Registration service<\/a> in the 2 months after it went live.<\/p>\n

So as we go digital by default it becomes even more important that someone signing in to use a service is who they say they are. That\u2019s why we\u2019re developing GOV.UK Verify<\/a> with funding through the National Cyber Security Programme. <\/p>\n

For the first time people will be able to prove their identity in an entirely digitally manner. It will allow government \u2013 and eventually private sector services too \u2013 to trust that a user is who they say they are. This work is still at a relatively early stage \u2013 it went into public beta testing earlier this month \u2013 but, in time, it will make a real contribution to trust and security in the digital age.<\/p>\n

Coupled with Verify, we\u2019ve also been investing to ensure the public sector staff have the necessary skills and capabilities to help combat the threats government faces in cyberspace. <\/p>\n

By training skilled staff at the Department for Work and Pensions and investing in HM Revenue & Customs\u2019 Cyber Security Command Centre, for instance, the National Cyber Security Programme aims to ensure the departments responsible for our largest online services have the technology and capabilities they need to operate safely online. <\/p>\n

Cooperation<\/h2>\n

But while it\u2019s right the government leads by example, we can\u2019t do it alone. There\u2019s no single magic bullet to neutralise the cyber threat, but the one thing common to all our efforts \u2013 whether it\u2019s about resilience, or awareness, or capability and skills \u2013 is co-operation.<\/p>\n

Earlier this year, I opened CERT-UK<\/a>, our first national Computer Emergency Response Team, to bring about closer co-operation between businesses and the government and law enforcement agencies. It means that there is now a single organisation co-ordinating our response to cyber issues on a daily basis, which can identify and track risks as they emerge and, when necessary, bring others together to respond. <\/p>\n

Already its services have been much in demand, responding to numerous threats like Heartbleed, Gameover Zeus and Shylock \u2013 just 3 examples from a constant stream of incidents. Officials from CERT have worked behind the scenes to help co-ordinate cyber security around the NATO Summit in Wales<\/a> and contribute to the security of the Commonwealth Games in Glasgow.<\/p>\n

Sitting as part of CERT-UK<\/a> is the Cyber Security Information Sharing Partnership or CiSP for short. CiSP enables government and business partners to exchange information on threats and vulnerabilities as they occur in real time. This enables a \u2018fusion cell\u2019 made up of analysts from business and law enforcement to draw together a single intelligence picture of cyber threats facing the UK. <\/p>\n

By the end of October, nearly 700 companies had joined the Partnership and it continues to grow. This year we\u2019ve been trialling a regional CiSP node in the East Midlands which is run in conjunction with the Regional Organised Crime Unit. We are currently evaluating the success of this trial and hope to develop similar regional nodes elsewhere.<\/p>\n

Shellshock<\/h2>\n

In September, CERT-UK responded to the Bash vulnerability, also known as Shellshock.<\/p>\n

Details first emerged late one evening, but before 9am the next morning CERT-UK had already posted information onto the Cyber Information Sharing Partnership and in the following 72 hours there were over 1,000 page views. CiSP members were actively sharing their own information to contribute to our situational awareness and a number of new companies joined the Fusion Cell during this period, further building the capability. <\/p>\n

This is the pattern for success: governments and businesses working together \u2013 quickly and in real time \u2013 to share intelligence, learn lessons, pool capabilities and coordinate action.<\/p>\n

CiSP works on trust. It has government involvement, but it\u2019s business-led. Information is shared voluntarily, and that\u2019s why it works. The more partners that join, the more information that\u2019s shared, the better the overall picture and the greater our collective resilience.<\/p>\n

You\u2019ll be hearing from CERT-UK\u2019s director, Chris Gibson, later today and I would encourage as many organisations as possible to join. <\/p>\n

Critical national infrastructure<\/h2>\n

The government is also working closely with owners and operators of the UK\u2019s Critical National Infrastructure, most of it of course now in the private sector. <\/p>\n

Through the National Cyber Security Programme we\u2019re funding an ambitious programme of work to make sure both government and businesses know our critical cyber assets \u2013 the ones that keep the country running. We want to understand their resilience to sophisticated cyber attacks so we can work together to keep these systems secure.<\/p>\n

This work is proceeding well and I\u2019m pleased to see how positively the private and public sectors are embracing the importance of working together to make the UK as whole more resilient. <\/p>\n

Growth<\/h2>\n

We also want to work with cyber businesses to help them grow. Later today I\u2019m off to Worcestershire to visit the cluster of small cyber security firms that belong to the Malvern Cyber Security Cluster and to meet some of the brilliant people they employ. <\/p>\n

In recent years the number of firms in this region has grown from around 45 to nearer 75, and the area is deservedly becoming known as Britain\u2019s \u2018Cyber Valley\u2019. These firms may be small, but they\u2019re innovative, agile and are winning contracts around the world. <\/p>\n

A case in point is Titania \u2013 a firm of 22 staff and growing \u2013 which supplies its software to customers in over 60 countries. This afternoon I\u2019ll have the privilege of opening their new premises \u2013 a sign of their growth and success. <\/p>\n

So a part of our long term economic plan, we\u2019re backing cyber firms like these through the Cyber Growth Partnership and the Cyber Exports Strategy<\/a>. We want to be exporting \u00a32 billion worth of products and services by 2016.<\/p>\n

And with the support of funding from the National Cyber Security Programme, we\u2019re working to bring together clusters of cyber firms in other places, including Cambridge, Bristol, London, Southampton and Brighton.<\/p>\n

We\u2019re also working with business to identify and develop cyber skills and expertise in the next generation to meet the demands of the workforce. We can\u2019t just look in the normal places. Some of the best are self-taught and we want them to help make the UK safe online.<\/p>\n

Earlier I mentioned Bletchley Park, which was full of people from all kinds of backgrounds \u2013 from chess grandmasters to experts in Egyptian papyrus. What they all had in common was sheer brain power. We need to be much better at finding and nurturing their modern day equivalents. <\/p>\n

Earlier this year I opened the final of the 2014 Cyber Security Challenge<\/a>. It\u2019s one way of demonstrating the value of cyber security as a career opportunity to as wide an audience as possible. There were over 2,000 new joiners this year, with 18,000 registered overall. Almost 1 in 3 of those who reach the final stage of the competition go on to find work in cyber security. It\u2019s just one of the ways we\u2019re trying to plug the skills gap.<\/p>\n

The cyber threat is nothing that cannot be matched and defeated through human ingenuity or expertise, which is why we\u2019ve got to get better at identifying and developing people with talent so they can help keep us secure.<\/p>\n

Conclusion<\/h2>\n

So, in conclusion, my message today is that we must continue to work together \u2013 this is absolutely essential to success. Only by working together in real time can we share the information and intelligence necessary to combat the threats more effectively and mitigate our weakness before the cyber criminals have the opportunity to exploit them.<\/p>\n

But we can also turn a necessary evil into an exciting opportunity for jobs and growth, innovation and advancement. This will make the UK one of the safest places in the world to do business and ensure that our economy and society continues to benefit from the ongoing digital transformation.<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

The Minister for Cabinet Office gave the keynote speech on government and business sharing information to combat cyber security threats.<\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[],"_links":{"self":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/50501"}],"collection":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=50501"}],"version-history":[{"count":0,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/50501\/revisions"}],"wp:attachment":[{"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=50501"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=50501"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mostafa.openonline.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=50501"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}