Cyber UK 2019 GCHQ's director-general has called for more public trust in the controversial British spy agency.
Jeremy Fleming told the Cyber UK conference in Glasgow this morning that his agency "must have the legal, ethical and regulatory regimes to foster public trust, without which we just don't have a licence to operate in cyberspace".
As well as the expected boilerplate about extending UK.gov's surveillance and control of the internet in order to make Britain the "safest place in the world" online, Fleming also betrayed the eavesdropping agency's Achilles' heel: its public image.
In the post-Snowden world, even spies and related government agencies have recognised that without at least a base of public support for their aims, the wider tech industry will continue to shut them out by implementing ever more sophisticated levels of encryption in consumer-grade products.
Continuing a low-key theme that has been growing over the past few years, he also called for more public acknowledgement of GCHQ's own hacking capabilities, saying the spy agency "has to have the ability in accordance with international law to project cyber power, to disrupt, deny or degrade our adversaries".
"The point I want to make today is cybersecurity is an essential part of [a] wider cyber power framework. Indeed, I'd argue its the most important part," he said. "If that's true, getting cybersecurity right is critical for the UK's future. Whilst I think we've made a good start, the next stage of our strategy is even more critical. It'll need a national effort if it's to succeed."
In a wide-ranging speech, Fleming declared GCHQ "will continue to work closely with device manufacturers and online platform providers to build security into their products and services at the design stage. We will work with ISPs to enhance the security of internet-connected devices in the home," adding that the spy agency "will share intelligence with banks to enable them to alert customers to threats in close to real time."
He also praised the UK government's "online harms" whitepaper and vowed that GCHQ would support its aims using "its unique insights into the structural vulnerabilities of the internet, in partnership with business, to detect, disrupt and fix malicious online behaviour".®