On Wednesday 8 June, PICTFOR hosted their fourth event of the year on Cyber Security, titled: Maintaining security during conflict – how do current events in Ukraine impact the UK’s Cyber Security?
The session featured insights from Simon Fell MP, Chair of the Cyber Security APPG , Paul Maddinson, the Director of National Resilience and Strategy at the National Cyber Security Centre (NCSC) and Juliette Dalitz, Head of Audit and Risk at Nominet. The event was chaired by Simon Blagden CBE, PICTFOR Industry Chair and Chair of the Telecoms Diversification Advisory Council.
Simon Blagden CBE provided opening remarks, welcoming all PICTFOR members, Vice-Chairs, and attendees from the wider tech community and thanking them for attending the event. He then remarked on the increasing prevalence of Cyber attacks, both against government departments and industry, and stressed the increased importance of Cyber Security as a result. The Chair then introduced the panel of speakers, before calling on Chair of the APPG for Cyber Security, Simon Fell MP, to speak.
Simon Fell MP began by stating some of the achievements of the Cyber Security APPG during his tenure as Chair, including contributing to the computer misuse act. He then reflected on some of the major changes that he had witnessed in Cyber crime over his previous 10-year career in the telecommunications and financial fraud sectors. He continued by reflecting on the risk posed by Cyber attacks, referencing the accumulation of data leading to the potential threat increasing from just one isolated institution or business to an entire country. He went on to identify the two main proponents of these attacks – organised criminal groups, and state/non-state actors, making reference to China and Russia’ ability to engage in Cyber warfare and the risk associated with this capacity. In this context he spoke about the National Security Bill, currently in its second reading, which seeks to address some of these threats. He went on to discuss the threat posed by non-state actors to national infrastructure, referencing the WannaCry ransomware attacks. He concluded by reflecting on the need to educate SME’s and consumers about Cyber Security as well as reforming legislation that restricts the abilities of those acting to protect the UK.
The Chair then introduced Paul Maddinson, Director of National Resilience and Strategy at the National Cyber Security Centre who began by explaining the role of the NCSC, and how it provides advice to help secure critical national infrastructure and the wider economy and citizenry. He went on to discuss the increased Cyber threat since the Russian invasion of Ukraine, which he highlighted was the most sustained Cyber campaign as part of a military operation that the world has ever seen. He then discussed the NCSC’s concerns over the collateral damage resulting from conflict, referencing the attacks on Viasat, a satellite communications company which was working with the Ukrainian military, which subsequently impacted on the German energy sector as well as other nations globally. He discussed the work the NCSC has been doing with businesses advising them on how to increase their resilience to attacks from malicious agents. He went on to speak about the long term benefits of raising the Country’s Cyber resilience, specifically in order to protect against ransomware and other forms of lower profile Cyber crime. He concluded by stressing the importance of a collective responsibility for Cyber Security, and the importance of PICTFOR in enabling society-wide collaboration on these kinds of issues.
Following this, the Chair introduced Juliette Dalitz, Head of Audit and Risk at Nominet, the manager of the .uk domain. She began by explaining the role of Nominet and its collaboration with the NCSC. She then discussed why organisations were targeted by Cyber attacks, with some organisations being targeted due to their association with Britain, ‘The West’ or Ukraine. She suggested that a simple way to help counter these threats would be for organisations to refresh their risk assessments to evaluate the evolving security landscape in order to better understand the threats and the areas that could be prioritised for increased defences. She also recommended utilising the NCSC’s resources for the testing of company security measures, and concluded by stressing the importance of integrating company defences into day-to-day operations.
The Chair then took questions from the roundtable, with contributions from CNI Scotland, Trafalgar Strategy, and BT. The Chair then thanked the speakers and those in attendance and closed the event by emphasising the importance of improving our understanding of Cyber threats and how best to defend against them.
You can catch up on the entire event below.