Speaking at The European Information Security Summit in central London on the UK’s cybersecurity strategy, James Snook, deputy director of the Office for Cyber Security and Information Assurance, said that the launch of the five year strategy recognized that “cyber is a big deal for this government.”
Snook acknowledged that the “Cyber landscape is too complex for government” but its announcements around the strategy will allow companies to engage with government. “We cannot create technology experts overnight, so NCSC has been placed as a part of GCHQ to attract deep technical expertise and we opened it to be accessible for everyone who wants to work with it,” he added
“The center is there to be the single authority of cybersecurity in the government and understand the threat level. It will manage risk and incident management capability as we worked on it with CERT UK, and also I hope organizations see this as an opportunity to put staff in there and work with it. This is the most significant part of strategy.”
The NCSC, which was opened last week by the Queen, will enable better DNS filtering, dealing with what Snook called the “nuisance attacks” that “can be avoided by following simple best practice”, working with industry to block malicious websites hosting malicious code and getting rid of the threat before it reaches the target.
“We will focus our resources on the APT and sophisticated attacks, and trial this internally in government to make sure it works, as the government is a massive target for attacks,” he said.
He concluded by saying that there is an incentive to better increase the number of skilled professionals as the UK “has masses of potential and more than we are exploiting”, but small-to-medium enterprises are struggling and the return on investment for the venture capitalists is potentially greater in the UK than in the USA, so collaboration is needed.