techUK attended CyberUK this week in Glasgow, the NCSC’s flagship cyber security conference. This blog is part of a series of insights from the two day event.
Representatives from each Five-Eyes intelligence agency joined a panel session this week at CyberUK 2019 in Glasgow.
The agencies in attendance were:
- National Cyber Security Centre (UK)
- NSA (US)
- Canadian Cyber Security Centre
- Protect, Assure, Enable (Australia)
- National Cyber Security Centre (New Zealand)
Chaired by Yasmin Brooks, Director of Cyber at the Department for Digital, Culture, Media and Sport (DCMS) the session explored issues such as how agencies can more effectively share intelligence and conduct joint operations. The discussion also touched on shared challenges each nation faces in the cyber domain, such as skills shortfalls, attracting a more diverse workforce, the security of elections and the proliferation of fake news.
One topic for discussion centred around how the alliance worked when member states took differing, and sometimes contradictory positions on key issues, particularly relating to Critical National Infrastructure. Panellists agreed that as each agency became more mature it was inevitable that differences would occur on specific issues but that these issues were often very complex. Some panellists suggested that whilst media attention might focus on one company, country or procurement, the wider landscape was often more complex with room for different interpretations of risk and threat. Indeed, one speaker suggested that the whole point of the alliance was to allow open and frank discussion and the panel agreed that none of their agencies would tolerate threats to their most sensitive networks.
Another key area discussed centred around incident response, with panellists focusing on how there is now a concerted effort to share intelligence which is actionable, not restricted by classification, and sharing in real time to allow time for organisations to mitigate against cyber threats. Furthermore, the panel explored how industry played a key role in incident response situations, often being the frontline facing cyber threats. Each panellist suggested that in future the collaboration between industry and agency would have to be strengthened and relied upon to ensure timely response and resilience.
Election security was also touched on during the session, with panellists each outlining how this issue effected their business. Interestingly, responsibilities for election security differed between each organisation slightly. However, the panel agreed that for elections there was absolutely no appetite for risks, posing challenges for those organisations supporting and protecting technology which can never be impenetrable. Underlined here was the role of the Five-Eyes in supporting each other through shared experience. All are at different points in their respective election cycles but with shared challenges each detailed how they were able to learn from each other and develop better practices in the face of fast-moving threat landscape.
Finally, some of the speakers reiterated the importance of doing the basic aspects of cyber security well, arguing that these were both remarkably boring and remarkably effective!