A post by Professor Chris Hankin, Director ISST
I’ve just returned from the Cyber Security Show 2016, held 8-9 March 2016 at the Business Design Centre, Islington. This incorporated an exhibition and conference, one of the major annual cyber security conferences in the UK, for which I was Chairman for the two days.
It is a particularly interesting time in the world of Cyber Security. Just a month ago, President Obama launched the U.S. Cybersecurity National Action Plan. The measures announced include the creation of a Commission on Enhancing National Cybersecurity, a $3.1bn Information Technology Modernization Fund, a new National Cybersecurity Awareness Campaign to empower Americans to better secure their online accounts, and a $19bn investment in cyber during the 2017 Fiscal year. A significant amount of the detail in the announcement concerned the protection of Critical National Infrastructure (CNI). This announcement echoed our own Chancellor of the Exchequer’s speech in Cheltenham last autumn in which he committed £1.9bn to the renewal of the UK’s National Cyber Security Programme. Highlights in the UK plan include better coordination of security efforts through a National Cyber Centre, the creation of an Institute of Coding to address the skills shortage, and significant investment in supporting innovation. The threat to the UK’s CNI also featured prominently in his speech.
The Cyber Security Show reflected these concerns about the threat to CNI and the skills shortage. Key themes which recurred in a number of conference presentations concerned the mechanisms for ensuring better collaboration between Government, industry and academia, and the need for more information sharing. Another recurring theme was the difficulty of attributing cyber attacks. Like many others I went to the show certain that the December 2015 attack on the Ukrainian power grid was a long term attack based on the BlackEnergy trojan, but the jury is now out and it seems that the attack might have just been the opportunistic exploitation of poor cyber hygiene.
The Cyber Security Show, as with all such events, gave me the opportunity to catch up with old friends as well as making new contacts, both at Government level (UK, Estonia, Italy and NATO to name a few) and industry. I hope that some of these will lead to new collaborations for the Institute and I will keep you posted.