Following the UK’s national cyber security strategy, Foreign Secretary William Hague has announced plans for a Global Centre for Cyber Security to be based at Oxford Martin School at Oxford University. MOD DCB caught up with one of the experts involved in creating the strategy, Thales UK Director of Cyber Security Ross Parsell.
Foreign Secretary William Hague recently announced plans to open the Government’s new Global Centre for Cyber Security Capacity Building, to be based at the Oxford Martin interdisciplinary research school at the University of Oxford. With his experience as Managing Director at Thales EMEA and Managing Director at Ultra Electronics, Ross Parsell, currently Director of Cyber Security at Thales UK, was chosen to work with the Cabinet Office on the early stages of the UK’s cyber defence strategy.
Mr Parsell said: “The strategy aims to get cyber security talked about more in the boardroom, and at its highest level it aims to make the UK a good place to do business across the internet. The next focus will be on securing our supply chain, and I hope that will be one of the things Oxford will support.”
With £500,000 being invested annually in the new centre’s resources, the Government anticipates the centre will lead to global coordination of cyber policies, a move which will in turn help protect the UK.
Mr Parsell commented: “The centre could encourage other governments and industries to adopt best practice and create a marketplace for UK skills and exports. The ability to share it out and create a viable market will encourage others to come into UK businesses to deliver these skills and capabilities.”
To support this, the UK has committed £2 million a year to the National Cyber Security Programme. The establishment of the Global Centre for Cyber Security Capacity Building is a key element of this investment.
Mr Parsell added: “The centre will really give people focus to come together, talk about cyber problems and have a place to call a home. I think it will bring people together to run exercises and share best policies and procedures.”
The centre will work with foreign governments, international organisations and the private sector, to ensure increased and more effective efforts against the wide range of cyber issues and threats. It will examine the way organisations are attacked and how these attacks can be diverted.
The UK’s National Security Strategy categorises cyber attacks as a Tier One threat to the nation’s security, alongside international terrorism. Research shows that as many as 93 per cent of large corporations and 76 per cent of small businesses have reported a cyber breach in the past year.
Mr Parsell explained: “Now we don’t see spies on the ground any more – we see people being able to get into networks and take information away while staying at home. So the cyber threat has grown because we, the good guys, are using more online systems, databases and communications to send information between ourselves that has been made readily accessible through tricks and techniques.”
On average over 33,000 malicious emails are blocked at the gateway to the Government Secure intranet (GSi) every month. These are likely to contain – or link to – sophisticated malware. A far greater number of malicious but less sophisticated emails and spam are blocked each month too.
Terrorists, rogue states and cyber criminals are cited as those targeting computer systems in the UK.
Mr Parsell said: “There is a threat to national security, but it is also about gathering packages of information from other areas and the loss of intellectual property from other organisations. The other aspect is that there can be reputational damage, by hackers making your website stop working or putting slanderous comments on your website, and loss of reputation takes time to recover.”
To prevent such damage the Strategic Defence and Security Review outlined a new National Cyber Security Programme to strengthen the UK’s cyber capacity.
The programme will bring together various regulatory bodies to offer businesses and individuals advice and safeguards. Some of the groups involved are: the Office of Cyber Security and Information Assurance (OCSIA); the Home Office; the Ministry of Defence; the Government Communications Headquarters (GCHQ); the Centre for the Protection of National Infrastructure (CPNI); the Foreign and Commonwealth Office; and the Department for Business, Innovation and Skills.
While this programme offers advice for businesses, the new Oxford centre will complement it by providing a training hub to address the UK cyber skills shortage.
Mr Parsell noted: “There is a cyber skills shortage in the UK; Thales is massively recruiting and we are struggling to find the right candidates. At the graduate end we don’t see people focused on the cyber skills that we need so we need to undertake our own training programme.”
The Global Centre for Cyber Security Capacity Building will not only create a focus for the development of cyber skills, but also feed out into other academic areas to provide the training for cyber engineers and consultants.