Wow, RIP hackers ... It's Cyber-Lord Blunkett to the rescue for UK big biz

New system to ensure suppliers are up to scratch on IT security


A high-profile project has been launched with the aim of strengthening UK enterprises' IT security.

The Cyber Highway was launched in London on Tuesday by Lord David Blunkett. The resource offers a “user-friendly online portal for large enterprises that want to strengthen the cyber defence of their supply chain.”

Corporations will, essentially, be able to monitor in real-time the progress their suppliers are making en route to Cyber Essentials certification.

Cyber Essentials is a UK government scheme that launched in June 2014 and is designed to help organisations protect themselves against hackers and malware infections. It’s largely about baseline security controls.

So basically, Cyber Highway ensures that your suppliers are following the Cyber Essentials requirements of good security – which is crucial as more and more Whitehall departments insist on suppliers being Cyber Essentials certified.

Lord Blunkett – a former Home Secretary and chairman of Cyber Essentials Direct, the outfit behind The Cyber Highway – said: “The UK Government has made significant progress. Government departments now require suppliers bidding for particular contracts to be Cyber Essentials certified, and next month sees the launch of the National Cyber Security Centre. These are all steps in the right direction but we can and must go further, especially to assist many more companies to become certified.”

Small organisations account for 92 per cent of cyber attacks, often because of limited resources. The issue of vulnerabilities in third-party suppliers leading to compromises of the companies they serve has been around for years, and gained much greater prominence after a mega-breach at US retailer Target was traced back to its refrigeration, heating and air conditioning subcontractor.

Cyber Essentials Direct chief exec John Lyons said: “We have spent the last eighteen months designing a practical and helpful approach to help de-risk and secure otherwise vulnerable supply chains from cyber attack.”

All about the baseline

Javvad Malik, security advocate at security tools firm AlienVault, said that Cyber Essentials was helpful in improving baseline security standards.

“There definitely have been benefits from cyber essentials,” Malik explained. “Many small businesses that were not even aware of security needs or requirements have, by way of Cyber Security Essentials, been able to establish a baseline. The better-equipped and aware of security needs companies are, the better the chance they can spot, prevent, and respond to a cyber attack. However, we may not see a visible reduction in the amount of data breaches immediately. The process needs time to distil through organisations. During this time, it is likely that attackers will change their tactics – but overall the security bar will be raised.

“The most important thing enterprises should be doing is [to] know what their assets are, where they are located, and be aware of when [they are] attacked, compromised, or stolen,” Malik added.

Gubi Singh, COO at pen testing and management threat detection firm Redscan, noted that many businesses, particularly small- and medium-sized ones, are “still complacent” about the risks posed by cyber threats.

“Obtaining accreditation like Cyber Essentials demonstrates to customers, partners and investors that a company takes protection of data seriously, and many businesses are now waking up to the competitive advantages of having effective security controls in place,” Singh said.

Compliance is not a tick box exercise, however. With the threat landscape evolving on a daily basis, defences and processes need to be continually reviewed to keep pace with the latest attacks,” he added.

Prospects

Firms that gain Cyber Essentials certification through The Cyber Highway will have access to AIG’s CyberEdge range of cyber liability insurance cover at reduced rates.

Cyber Highway said it was in talks with 300 companies representing supply chain businesses in the retail and technology sectors about getting onto its platform. The organisations have also signed up an unnamed High Street bank as a customer. Government suppliers are another potential source of customers.

Malcolm Carrie, industry programme director of the Defence Cyber Protection Partnership, said, “Cyber Essentials is the ground level for the Defence supply chain – the Defence Cyber Protection Partnership has layered further controls on top of it to address higher-risk scenarios. Smoothing the path to obtaining Cyber Essentials certification is welcome.”

Overseas governments are also in talks with Cyber Essentials Direct about implementing the Cyber Essentials programme in their own countries.  For example, CyberNB (Cyber New Brunswick), Canada’s first provincial body to develop a comprehensive cyber security strategy, is weighing up the benefits of The Cyber Highway. ®

Similar topics


Other stories you might like

  • North Korea pulled in $400m in cryptocurrency heists last year – report

    Plus: FIFA 22 players lose their identity and Texas gets phony QR codes

    In brief Thieves operating for the North Korean government made off with almost $400m in digicash last year in a concerted attack to steal and launder as much currency as they could.

    A report from blockchain biz Chainalysis found that attackers were going after investment houses and currency exchanges in a bid to purloin funds and send them back to the Glorious Leader's coffers. They then use mixing software to make masses of micropayments to new wallets, before consolidating them all again into a new account and moving the funds.

    Bitcoin used to be a top target but Ether is now the most stolen currency, say the researchers, accounting for 58 per cent of the funds filched. Bitcoin accounted for just 20 per cent, a fall of more than 50 per cent since 2019 - although part of the reason might be that they are now so valuable people are taking more care with them.

    Continue reading
  • Tesla Full Self-Driving videos prompt California's DMV to rethink policy on accidents

    Plus: AI systems can identify different chess players by their moves and more

    In brief California’s Department of Motor Vehicles said it’s “revisiting” its opinion of whether Tesla’s so-called Full Self-Driving feature needs more oversight after a series of videos demonstrate how the technology can be dangerous.

    “Recent software updates, videos showing dangerous use of that technology, open investigations by the National Highway Traffic Safety Administration, and the opinions of other experts in this space,” have made the DMV think twice about Tesla, according to a letter sent to California’s Senator Lena Gonzalez (D-Long Beach), chair of the Senate’s transportation committee, and first reported by the LA Times.

    Tesla isn’t required to report the number of crashes to California’s DMV unlike other self-driving car companies like Waymo or Cruise because it operates at lower levels of autonomy and requires human supervision. But that may change after videos like drivers having to take over to avoid accidentally swerving into pedestrians crossing the road or failing to detect a truck in the middle of the road continue circulating.

    Continue reading
  • Alien life on Super-Earth can survive longer than us due to long-lasting protection from cosmic rays

    Laser experiments show their magnetic fields shielding their surfaces from radiation last longer

    Life on Super-Earths may have more time to develop and evolve, thanks to their long-lasting magnetic fields protecting them against harmful cosmic rays, according to new research published in Science.

    Space is a hazardous environment. Streams of charged particles traveling at very close to the speed of light, ejected from stars and distant galaxies, bombard planets. The intense radiation can strip atmospheres and cause oceans on planetary surfaces to dry up over time, leaving them arid and incapable of supporting habitable life. Cosmic rays, however, are deflected away from Earth, however, since it’s shielded by its magnetic field.

    Now, a team of researchers led by the Lawrence Livermore National Laboratory (LLNL) believe that Super-Earths - planets that are more massive than Earth but less than Neptune - may have magnetic fields too. Their defensive bubbles, in fact, are estimated to stay intact for longer than the one around Earth, meaning life on their surfaces will have more time to develop and survive.

    Continue reading

Biting the hand that feeds IT © 1998–2022