We now operate in a digital world. The exponential growth in internet use; the pervasive nature of social networks; and the proliferation of IoT (Internet of Things) at work and at home, make this a digital age. Our ability to secure our data, networks and technology is becoming key to our way of life, the growth in our economy and our personal privacy.
As a result, cyber attacks pose a significant risk to the UK. They are also growing more frequent, sophisticated and damaging. The source and nature of these attacks is diverse. ‘Script kiddies’ may hack an organisation to extract high value confidential customer data. Serious organised crime groups who offer “Crime as a Service” can target sophisticated attacks on e-commerce and business systems. And in extreme cases allegations have surfaced that state-sponsored organisations have been involved in influencing political systems and elections, or targeting our critical national infrastructure.
The methods for these attacks are also wide ranging, from social engineering techniques, exploitation of software vulnerabilities, brute force DDoS (Distributed Denial of Service) attacks through to sophisticated iterative methods based on machine learning.
The UK Government has set out a clear ambition to address cyber threats and has put in place tough and innovative measures as a world leader in cyber security. This commitment is detailed in 2016-2021 National Cyber Security Strategy, which includes a planned investment of £1.9bn over the next five years to transform the UK’s cyber security capability. Additionally, the National Cyber Security Centre (NCSC) has been created to be the authority on the UK’s cyber security environment, sharing knowledge, addressing systemic vulnerabilities and providing leadership on key national cyber security issues.
However, the best approach to handling cyber threats is not one of the public sector alone – partnership with the private sector can increase effectiveness. This partnership needs to both drive innovation and also crucially help close the cyberskills gap that currently exists. North East England can play a leading role in this process by building upon its existing position as one of the fastest growing technology regions in the UK. The region already has an enviable position of having a number of universities with strong cyber and digital courses that produce highly skilled individuals that can bring value to the industry. Combine this with the extensive public sector footprint, and the diverse private sector technology companies in the region and a clear and present opportunity exists to develop a regional cyber cluster that is at the forefront of national cyber defence.
Dynamo and Accenture are working together to help establish a North East Cyber Cluster. With supporting investment and input from Accenture, Dynamo is using the existing talent within both the North East public and private sectors, to develop a strategy for developing the Cyber Cluster. In parallel Accenture is also investing in developing cyber skills within its Newcastle Delivery Centre, so it can help address the growing demand for such skills across the UK.
Businesses in both the North East and across the UK should therefore look at 2018 as an opportunity to renew their cybersecurity strategies and ensure they’re fit for the future, the NCSC 10-Step Guide provides a good starting point
There are three key steps every business should prioritise:
1. Build a strong cybersecurity posture: invest in the basics such as security intelligence and advanced access management and recognise the need to innovate to stay ahead of hackers.
2. Undertake extreme pressure testing: businesses should not rely on compliance alone to enhance their security profile but undertake extreme pressure testing to identify vulnerabilities more rigorously than even the most highly motivated attacker.
3. Invest in breakthrough innovation: balance spend on new technologies, specifically analytics and artificial intelligence, to enhance programme effectiveness and scale value.
Cybersecurity needs to move from being an IT problem, to an issue that is owned and managed collectively by all business areas. These three steps will help ensure businesses in North East England can continue to lead the world in the effectiveness of their cybersecurity strategies, building confidence among customers and significantly reducing costs.
For more information on Accenture Security services visit: www.accenture.com/security