UK CRITICAL National Infrastructure (CNI) organisations must take steps to ensure cyber leaders have the right budget, skills and ‘tech stack’ to build out and implement an effective cyber security strategy or they risk an exodus of skilled cyber security professionals. That’s according to new research conducted by UK cyber security services firm Bridewell.
The research, which surveyed UK cyber security decision-makers in the communications, utilities, finance, Government and transport and aviation sectors, reveals that 95% are experiencing factors that would make them likely to leave their role in the next 12 months.
Over four-in-ten (42%, in fact) of respondents feel that a breach is inevitable and don’t want to tarnish their career, while 40% suggest that they’re experiencing stress and burnout which is negatively impacting their personal life.
The prospect of people leaving jobs is particularly problematic for CNI organisations at a time when the threat of attacks remains high. Over two-thirds of UK CNI cyber leaders state that the volume of threats and successful attacks has increased over the past year, while 69% believe it’s now harder to detect and respond to threats.
Fears of staff leaving are also compounded by the ongoing skills shortage in the sector with 68% of respondents saying it has become harder to recruit the right resources to secure and monitor systems over the past year.
SKILLS FOR Security has forged a new strategic partnership with SecuriGroup whereby the skills body will become the latter’s preferred fire and security apprenticeship provider. Going forward, Skills for Security will be working with SecuriGroup on assisting the security business during the recruitment process for new apprenticeship positions and also on ensuring that learners receive maximum support throughout their course.
Skills for Security is recognised as the leading fire and security apprenticeship training provider in the UK. The organisation currently supports over 400 apprentices across its centres located in Warrington, Birmingham, Scotland and Oxford, with its Watford centre opening in mid-2022.
Given the huge skills shortage in the fire and security industry’s at present, Skills for Security works with employers right across the UK to provide the next generation of engineers with the necessary tools and knowledge they require for a successful career.
Ranked in the top 1% of UK security companies approved by the Security Industry Authority, SecuriGroup is an award-winning security business specialising in the provision of security guarding, augmented security and systems solutions, mobile patrolling and key holding, events security and close protection services.
The most common form of cyber attack was phishing attempts (83%), although of the 39% of businesses mentioned, around one-in-five (21%) identified a more sophisticated attack type such as a Denial of Service, malware or ransomware-focused episode.
Within the group of organisations reporting cyber attacks, 31% of businesses and 26% of charities estimate that they were attacked at least once each week and one-in-five businesses (20%) and charities (19%) say they experienced a negative outcome as a direct consequence of each cyber episode.
Issue for the business community
Martin Smith MBE, founder and chair of the SASIG, said: “It’s clear from these latest Government findings that cyber attacks are still very much an issue for British businesses, be they small or large in scale. The findings illustrate that the impacts of these attacks are operational and financial, with the estimated average cost of attacks in the last 12 months amounting to £4,200 and rising to £19,400 when looking specifically at medium and large-scale businesses. The Government itself admits that these figures are also probably underreported, which is extremely worrying.”
Smith went on to comment: “While many businesses are working to prevent such attacks and put plans in place to deal with them when they do occur, it’s abundantly clear that more work needs to be done in this area.”
The survey has identified key areas of weakness, which include the fact that almost half of businesses (46%) had not taken action to identify cyber security risks in the past 12 months. There are broader supply chain issues in terms of cyber security and a lack of understanding of cyber risks at Board level.
Smith concluded: “Threats are constantly evolving, so it follows that having clear and concise cyber security procedures that are respected and adhered to business-wide is going to be key for building robust resilience.”
Liberty’s application to appeal was approved on five grounds, two of which the Government conceded on. In its application to appeal, Liberty argued the safeguards in the Snoopers’ Charter (the Investigatory Powers Act 2016) breach privacy and free expression rights as they do not protect against the dangers of bulk powers. According to the civil rights group, the latter allow spies to scoop up the private communications and Internet data of swathes of the population, hack into computers, smart phones and tablets and create vast ‘personal datasets’ without suspicion.
In response to preliminary legal filings, the Government admitted that it could not contest two parts of Liberty’s application to appeal. It conceded that the safeguards around the use of surveillance powers do not protect journalistic confidentiality. The Government further admitted the safeguards fail to protect the right to privacy when masses of intercepted data are searched in a way that can identify people without proper authorisation.
As well as those issues, the High Court found that Liberty’s other arguments must be heard at appeal, including that safeguards in the Snoopers’ Charter regarding sharing intercepted material with overseas Governments and around lawyer-client communications were inadequate. Judges also found that Liberty’s arguments over the power to create “bulk personal datasets” must also be heard at appeal. A hearing is now expected later this year.
POLICE SCOTLAND has become the first UK police force to implement UAV video technology with the capability to live-stream from drones and helicopters. The newly deployed ExStream UAV Streamer, developed by Excelerate Technology, was customised to improve situational awareness across air-to-ground operations, solving the long-term issue of the feed only being visible to a single operator or otherwise a ground-based unit.
The UAV Streamer connects to existing UAVs and other video devices and delivers the video into Excelerate’s ExStream video streaming service even when only low bandwidths are available from the field. From there, users can access the remote streams via dedicated iOS and Android applications, Windows and Mac clients in addition to a secure web portal.
Police Scotland commissioned the complete package to be in place to stream helicopter downlink into the Control Room during COP26 in November last year.
Real-time aerial view
Inspector Nicholas Whyte of Police Scotland’s Air Support Unit stated: “Police Scotland remains focused on providing officers with innovative solutions that help us to keep people safe. The Excelerate technology allows the Air Support Unit to downlink live footage from the helicopter or drone to any Control Room in Scotland, to police commanders on the ground and to officers’ police-issued mobile devices who are directly involved with the incident. This gives those involved a real-time aerial view of events, enabling them to make better informed decisions about an operation or search as well as maintaining officer and public safety.”
David Savage, founder and CEO at Excelerate, explained: “Our solution to allow streaming from a helicopter to the Control Room during COP26 is a perfect example of Excelerate’s DNA in action. The challenge was to provide a robust end-to-end solution to very specific requirements. We did so through the problem-solving and ‘outside of the box’ thinking that have been our hallmark over two decades of experience and investment in secure infrastructure and connectivity ecosystems for UK and overseas Emergency Services.”
Security and preparedness need to be built into London’s fabric and effective protection against terrorist attack must be a city-wide endeavour, concluded Lord Toby Harris in a second review of London’s preparedness for a terrorist attack and implications of the covid-19 pandemic for the capital’s immediate and long-term preparedness.
Lord Harris has made 294 recommendations; covering funding of the emergency services and equipment; specialist training for teams to deal with types of attacks, and improving information sharing, given the shared responsibility of countering terrorism, including by businesses and civil society.
He said in a foreword to the report: “My broad conclusion is that very substantial progress has been made by the emergency services and other agencies in response to my 2016 report and in following up the lessons of the attacks in 2017 and subsequently. I have been impressed by much of the work that has gone on, and in the detail and care that has been devoted to analysing what happened in the attacks on Westminster Bridge, on London Bridge, at Finsbury Park, at Parsons Green, at Fishmongers Hall, in Streatham and, of course, at Manchester Arena.”
He went on to say that London bears the highest risk of terrorism in the UK, ‘containing as it does the largest number of high-profile targets and the greatest concentration of subjects of interest. I do not believe that this is always adequately recognised in the national allocation of resources’. While acknowledging the recent rise in police number under the Boris Johnson Conservative Government, he said this will mean ‘a disproportionately high number of officers with limited experience’ and a shortage of detectives.
The London Ambulance Service is particularly stretched, he wrote. However, many services, especially those in local government, are essential in preventing terrorism and ensuring preparedness. “Ten years of austerity has left youth provision, mental health services, and the voluntary and community sector under-resourced – in some cases woefully so. The consequences of further cuts will be to leave the network that enables society to respond to those who need support to avoid falling into violent extremism, and to respond effectively and rapidly to an emergency incident, spread worryingly thin.”
Background
In July, the Mayor of London, Sadiq Khan, commissioned the Labour peer Lord Harris to review of London’s preparedness for a terrorist attack. The backdrop; the changing nature of the threat of terrorism including online extremism, more referrals to the UK authorities’ Prevent programmes for concerns of extreme right-wing radicalisation, more people self-radicalising online and a possibility of hostile state-sponsored acts.
Lord Harris’s first review was commissioned by the Mayor in 2016. Over the last six months, Lord Harris has had over 100 interviews with the emergency services, the transport sector, City Hall, and local government, besides with civil servants from several central government departments, the Speaker of the House of Commons Sir Lindsay Hoyle, and Parliament’s Director of Security.
MITIE HAS been awarded a new integrated facilities management (IFM) contract by the Cumbria Consortium, which includes Sellafield Ltd. The contract is worth up to £500 million. With an initial term of five years, and an option to extend for up to five more years, Mitie will provide all facilities management services across the sites, including security, engineering, cleaning, waste management, grounds maintenance, catering and specialist projects.
In addition to Sellafield Ltd, the contract will also cover locations across Cumbria and Warrington.
Mitie first began its relationship with Sellafield Ltd, Europe’s largest nuclear site, back in 2003 when it secured a cleaning contract for the facility. Mitie’s relationship with Sellafield has evolved over nearly 20 years as the service requirement has expanded through competitive tenders and awards to cover a full IFM offer across all of the Cumbria Consortium sites. Circa 650 Mitie colleagues now work on the contract.
As well as its significant experience gained in supporting the Cumbria Consortium and delivering services that comply with strict nuclear regulation, Mitie’s social value commitments were also key to its successful retender.
In line with Mitie’s commitment to support the development of future talent through apprenticeships, the business has also committed to upskilling at least 30 colleagues per annum via an apprenticeship, as well as supporting 20 apprentices within Mitie’s supply chain and wider business.
Further to this, the Mitie team will provide a number of work experience opportunities for young people resident in the local community.
Mitie plans to make significant investment in initiatives to support the local community, such as offering local entrepreneurs an opportunity to pitch for investment through a Dragon’s Den-style competition, as well managing a ‘Leader to Leader’ mentoring programme for up to 20 leaders of local SMEs and voluntary community social enterprise organisations.
WORKING IN partnership with the UK Cyber Security Council, the Security Awareness Special Interest Group (SASIG) recently brought together hundreds of future cyber security professionals with leading employers in the sector at the third SASIG Cyber Security Skills Festival. The virtual festival showcased the challenges, opportunities and rewards available from a career in cyber security.
The Department for Digital, Culture, Media and Sport recently revealed that employment across the cyber security industry rose by 13% during 2021, with more than 6,000 new jobs created, in turn opening up a raft of opportunities for individuals up and down the UK. This growth has witnessed the total number of people working in cyber in the UK rise to 52,700.
The SASIG Cyber Security Skills Festival attracted more than 600 delegates and featured an entire day of presentations and workshops. The jobs fair ran alongside the main event and hosted 37 organisations from all sectors, among them 73 UK universities and public bodies. The day engendered 865 conversations and realised 4,618 chat messages.
Delegates learned about building a successful career from both seasoned professionals and recent graduates. In addition, over 1,000 job applications were submitted at the jobs fair and helped fill vacancies being advertised by firms hungry to find new talent.
Martin Smith MBE, founder and chairman of SASIG (and who began his cyber security career with the Royal Air Force back in 1981), has reiterated the fact that the Cyber Security Skills Festival’s key objective was to boost the profile of cyber security as a rewarding career and attract new entrants.
Smith explained: “Cyber security is every bit as much a ‘people’ business as it is one necessarily focused on technology. It embraces management, people and technical skills and, as demand grows, there are huge opportunities. This year, we made a strategic move to reach out beyond our traditional cyber security community and seek to attract new entrants from all areas. Whether you’re a historian, a musician or an engineer, there are opportunities at all levels. We want to help our community bridge the skills gap.”
Europe and UAE will see a surge in the deployment of advanced video technologies according to new research conducted by the global market intelligence firm IDC
The majority (84%) of European and UAE organizations plan to deploy advanced video technologiesVideo technology has moved beyond the realm of just being confined to the security industryVideo-AI solutions can run scans to match the faces of a suspected person with a criminal database
Europe and UAE will see a surge in the deployment of advanced video technologies according to new research conducted by the global market intelligence firm IDC.
Technology developments in AI, image processing, cloud computing, and sensors are rapidly expanding organizations’ application of video and sensor technology and the business outcomes they deliver.