Saturday 21 November 2015

Reflections on the Chancellors Cyber Speech at GCHQ

This article is replicated in Policing Insight

“Reflections on the Chancellors Cyber speech at GCHQ” 

Stuart Hyde QPM 
Policing Insight. November 2015

On Tuesday this week the Chancellor gave an impressive outline of the UK response to the multiple threats to Cybercrime and Cyber terrorism. In a positive contribution he outlined a range of actions and investments across Government linked to outstanding contributions from industry that will be aimed at keeping the UK safe online. The full text is below
George Osborne speech at GCHQ 17th November 2015

Whilst the speech was fascinating and sparked of a real joined up approach including some very interesting anecdotes, there remains concern that some of the solid foundations he talks of, may not be delivered, and that the investment in Cyber intelligence and Analysis could be undermined. In brief here are some of the concerns that should be tackled:
The risk of further cuts to policing could weaken the police response to Cybercrime and the support Forces can give to Regional Cyber Crime Units and the NCCU 
The training provision for officers and staff in Cyber issues is not mature enough yet to enable effective response to the very wide range of cyber-enabled and cyber-dependant criminality.  
The investment in the prevention of cybercrime, particularly through GetSafeOnline is minimal and directly contrasted with the huge costs of CyberStreetWise  
Exercising is sporadic, and although highly sophisticated facilities such as CYBX exist (run under the auspices of the Emergency Planning College) lack of financial support has discouraged many organisations including public and private sector from investing in such activities.
The national scheme supporting Cybercrime Information Sharing Partnerships is inconsistent across the UK. Despite being a National model not all regions have them. This undermines the ability of Government agencies to reach out to vulnerable industry and circulate common security messages. Many regions don’t have them yet, despite it being a national initiative.
A Review of the curriculum in schools for ICT and Computer Studies could be adopted to try and ensure that the education children receive about Cyber reflects their current or future usage. The encouragement for coding is to be welcomed but a wider review may help to better align learning across the education sector with current trends in Cyber development.
The previous Government was extremely keen on the concept of the Big Society. This should not escape the attention of Cyber. Opportunities to recruit Cyber Police Specials within industry to actively support policing should be encouraged. There are very small examples of this which could be developed further particularly in the wake of further police cuts

Now is the time to make a dramatic but effective shift towards making the UK the safest place online.
Looking at some of the specific comments within the speech
“Before the dreadful events of the weekend we had already indicated that we would be increasing substantially the resources we dedicate to countering the terrorist threat posed by ISIL. “
It is interesting that this is not a reaction to the tragic events in Paris but a broader and historic reaction to the threat of an online ISIS/ISIL. The investment is being targeted against a particular threat, one of many currently facing the UK cyber environment.
“The Prime Minister has made clear that across the agencies a further 1,900 staff will be recruited to keep Britain safe from terrorist attack.”
The 2000 additional staff for the estimated £400M a year seems quite expensive, however the additional on-costs and technology costs will be excessive in order to retain the edge required to tackle the enormous online threat. The issue of further police cuts should, however, not be ignored. These intelligence officers and analysts will create opportunities to arrest or intervene to prevent attacks, or to mitigate risk. That, in many cases, will increase the requirement for specialist policing services including armed tactical support. Whilst this is the right thing to do, it will have an additional demand for the police service at a time of contraction. 
“The answer is not just in more resources, but in ensuring those who keep us safe have the right legal framework, that allows them to do their job while preserving the values and freedoms which we are so determined to defend.” 
It is also right that throwing money at something is not always the best solution, but it helps. Linking a review of funding and investment with a review of legislation will help to make the new resources much more effective. However, the people of the UK will need to balance their need for protection against their desire for privacy, a difficult challenge at the best of times
“As Chancellor I know about the enormous potential for the internet to drive economic growth, but I am also acutely aware of the risk of cyber-attack harming our economy and undermining the confidence on which it rests.”
The harm to businesses of an attack or a leak of data is considerable. The recent TalkTalk crisis threw the Chief Executive, Baroness Dido Harding, into the media spotlight as TalkTalk struggled to come to terms with the media avalanche that descended upon them. CEOs cannot avoid being in the frontline when an attack takes place and the disruption to a company will be dramatic and potentially irrecoverable. It is interesting to see the very positive pre- Christmas adverts from TalkTalk now rebuilding its reputation and branding.  
“And I also know that we can’t afford to build strong cyber defences unless they rest on the solid foundations of sound public finances.”
The wider public finances issue is a very real requirement for the UK. However, a number of the initiatives through these announcements will require the solid foundations of policing. Neighbourhood policing, a service connected to its communities, the capacity to support arrests or disruption, specialist cybercrime and digital forensics capabilities, compliance with ISO 17025, flexibility to support substantial human surveillance, post incident management and evidence recovery to name but a few of the roles inevitable to support making the UK online world safer. All currently at risk.
“Citizens need to follow basic rules of keeping themselves safe – installing security software, downloading software updates, using strong passwords.”
CyberStreetWise has fixated over the past few weeks about its three word campaign, but find any reference to TalkTalk on the site, you won’t. Yet the TalkTalk saga was an issue that may have affected 10% of the population. And who talks for Cyberstreetwise, no one, it’s anonymous. This is not the best use of investment. Far outstripping it is the very versatile and responsive GetSafeOnline, which involves industry and others with very little investment from Government, effectively run on a shoestring. If we want citizens to protect themselves we need to invest in better and much more effective and responsive campaigns run by real public people. 
“Companies need to protect their own networks, and harden themselves against cyber attack…The starting point must be that every British company is a target, that every British network will be attacked, and that cyber crime is not something that happens to other people… We established the Computer Emergency Response Team for the UK, and the Cyber Information Sharing Partnership so companies could share what they knew.”
If we want to engage business in making the UK safer online then the government should enforce the CISP programme (see above) it takes far too long to launch and then run CISPs. Getting them moving and putting a little investment in, will provide a truly national response between Government, Police and Industry. Here are the areas with CISPs. The North East comes online very soon.

“We have built the National Cyber Crime Unit so cyber criminals are brought to justice.”
The Cybercrime Units across the UK linked to the National Unit are working together to address a range of cyber-attacks. Building up their knowledge and experience and exercising together, is helping to develop a good model for the future. However, with forces reducing budgets it is probable that the model could be undermined as Chiefs and PCCs seek alternative ways to spent scant resources
“We developed clear guidance for businesses, including the Cyber Essentials scheme, which already has over a thousand companies accredited.”
The scheme itself is simple yet effective but with the absence of an effective national model of CISPs it is left to a multitude of fora to distribute and promote the scheme. Of equal value is the 10 Steps to Cyber Seciurity a Board level tick box that should be a common statement for all organisations. 
“We built cyber security into every stage of the education process. We established Cyber First and cyber apprentices to make sure that we got the talent we needed coming into the field…. And most ambitiously, we will be rolling out a major programme for the most talented 14 to 17 year olds, involving after-school sessions with expert mentors, challenging projects, and summer schools where those on the scheme can see where their cyber skills can take them. ”
Keeping the “Cyber” learning up to date is essential and making it relevant really does mean we can keep the UK safe. In an interview BBC Radio5 Live had with the hacker Charles Float, he talked about his frustration at the technology education provided in school and his lack of interest. I make no judgement about his actions but there must be a better way to channel bright and knowledgeable school children who are orientated towards gaming, and moving them away from hacking. Ensuring that people who hack, even if only to have an advantage within an online game, know that disrupting other players online access is illegal might be a start.
“It is a bold, comprehensive programme that will give Britain the next generation of cyber security, and make Britain one of the safest places to do business online.”
I agree it is a big investment, but one that is essential to retain a safer online UK. However, there are still risks that this strategy could be undermined, unfortunately by the same person proposing it.
“Today I can announce that in 2016 we will establish a single National Cyber Centre, which will report to the Director of GCHQ. The Centre will be a unified source of advice and support for the economy, replacing the current array of bodies with a single point of contact.”
It will be useful to see the details of the Cyber Centre in particular its engagement with Police Forces and how it will strengthen the Regional Cyber Crime Units and the NCCU. 
Overall it was a positive step. Some of my comments may appear to be negative, they are not meant to be. Any investment in this area is welcome but we need to ensure that the good intentions are not undermined by the economic realities facing Policing particularly.
There is an opportunity to bring Cyber issues into the current psyche of leaders across all sectors which would substantially help to create a safer online UK. As a policy or strategy it does, however, stand alone, as there does not appear to be an alternative from others and I look forward to seeing alternative strategies to keep online UK safe from other political parties particularly the Opposition.
Stuart Hyde QPM
Cyber commentator 
Vice president
Vice President
Director of Solutions

Tuesday 17 November 2015

Cybercrime and George Osbornes speech

Whilst the speech by George Osborne was fascinating this morning  and full of some interesting anecdotes,  I am concerned, however, that the solid foundation he talks of will not be delivered and that the investment in Cyber intelligence and Analysis will be undermined. In particular perhaps we need the following

  1. No further cuts to policing and strengthen the police Cyber capability through Regional Cybercrime Teams and the NCCU
  2. Provide effective training and education for all Police Officers in Cybercrime prevention and detection
  3. Increase REAL investment and effectiveness in Prevention of cybercrime, particularly through GetSafeOnline and move some of the huge costs of CyberStreetWise towards it.
  4. Increase the number of joint industry and law enforcement exercising on Cyber attacks
  5. Enforce the Cybercrime Information SharingPartnerships. Many regions don’t have them yet, despite it being a national initiative
  6. Review the curriculum in schools for ICT and Computer Studies to better reflect the here and now and help gifted students stay on track (see comments of Charles Float R5Live)
  7. Increase the use of Cyber Specials to support Law Enforcement

Now is the time to make a dramatic but effective shift towards making the UK the safest place online.

Monday 9 November 2015

HTCC Briefing 4

HTCC Newsletter Update 4
The newsletter will aim to brief members on issues relating to Digital Forensics and collaboration as well as news about the HTCC  In the news recently
Please upload useful documents or those submitted to colleagues on request for help to the Cybercop Portal. There has been a lot of information added recently. If you are not a member please go to our public site
If you are a member please feel free to circulate these Briefing to colleagues. Whilst they contain opinions no protected data will be exposed through this system.

This article about UK policing highlights the problems faced in getting effective Digital Forensic work done quickly. As well as the unacceptable delay for victims it leaves real offenders free to re-offend. This will be a big issue globally

An interesting account of a range of Cyber courses running in US Universities. Helpful thoughts for those looking to take further Cyber Security education programmes

If you are interested in the financials behind one of the biggest names in Digital Forensics recovery here it is

Interesting article about the ease of inserting covert apps into another’s phone. Uses the reporters phone to cover mSpy and FlexiSpy.
Article discussion the growth in Digital Forensics in the workplace particularly the corporate world for tracking and recovery of evidence in civil cases.

A lot of attention being paid internationally about how Small and Medium enterprises protect themselves.
On that subject within the UK the TalkTalk hack has exposed the vulnerability of a range of corporate held data. Whilst the story is still unravelling, many days later, the big lesson is that if your company has leak you as the CIO are on the front page. And also…..
The quickest way to lose your business is to lose your data

Popular Posts in last 7 Days