UK CRITICAL National Infrastructure (CNI) organisations must take steps to ensure cyber leaders have the right budget, skills and ‘tech stack’ to build out and implement an effective cyber security strategy or they risk an exodus of skilled cyber security professionals. That’s according to new research conducted by UK cyber security services firm Bridewell.

The research, which surveyed UK cyber security decision-makers in the communications, utilities, finance, Government and transport and aviation sectors, reveals that 95% are experiencing factors that would make them likely to leave their role in the next 12 months.

Over four-in-ten (42%, in fact) of respondents feel that a breach is inevitable and don’t want to tarnish their career, while 40% suggest that they’re experiencing stress and burnout which is negatively impacting their personal life.

The prospect of people leaving jobs is particularly problematic for CNI organisations at a time when the threat of attacks remains high. Over two-thirds of UK CNI cyber leaders state that the volume of threats and successful attacks has increased over the past year, while 69% believe it’s now harder to detect and respond to threats.

Fears of staff leaving are also compounded by the ongoing skills shortage in the sector with 68% of respondents saying it has become harder to recruit the right resources to secure and monitor systems over the past year.

SKILLS FOR Security has forged a new strategic partnership with SecuriGroup whereby the skills body will become the latter’s preferred fire and security apprenticeship provider. Going forward, Skills for Security will be working with SecuriGroup on assisting the security business during the recruitment process for new apprenticeship positions and also on ensuring that learners receive maximum support throughout their course.

Skills for Security is recognised as the leading fire and security apprenticeship training provider in the UK. The organisation currently supports over 400 apprentices across its centres located in Warrington, Birmingham, Scotland and Oxford, with its Watford centre opening in mid-2022.

Given the huge skills shortage in the fire and security industry’s at present, Skills for Security works with employers right across the UK to provide the next generation of engineers with the necessary tools and knowledge they require for a successful career.

Ranked in the top 1% of UK security companies approved by the Security Industry Authority, SecuriGroup is an award-winning security business specialising in the provision of security guarding, augmented security and systems solutions, mobile patrolling and key holding, events security and close protection services.

The most common form of cyber attack was phishing attempts (83%), although of the 39% of businesses mentioned, around one-in-five (21%) identified a more sophisticated attack type such as a Denial of Service, malware or ransomware-focused episode.

Within the group of organisations reporting cyber attacks, 31% of businesses and 26% of charities estimate that they were attacked at least once each week and one-in-five businesses (20%) and charities (19%) say they experienced a negative outcome as a direct consequence of each cyber episode.

Issue for the business community

Martin Smith MBE, founder and chair of the SASIG, said: “It’s clear from these latest Government findings that cyber attacks are still very much an issue for British businesses, be they small or large in scale. The findings illustrate that the impacts of these attacks are operational and financial, with the estimated average cost of attacks in the last 12 months amounting to £4,200 and rising to £19,400 when looking specifically at medium and large-scale businesses. The Government itself admits that these figures are also probably underreported, which is extremely worrying.”

Smith went on to comment: “While many businesses are working to prevent such attacks and put plans in place to deal with them when they do occur, it’s abundantly clear that more work needs to be done in this area.”

The survey has identified key areas of weakness, which include the fact that almost half of businesses (46%) had not taken action to identify cyber security risks in the past 12 months. There are broader supply chain issues in terms of cyber security and a lack of understanding of cyber risks at Board level.

Smith concluded: “Threats are constantly evolving, so it follows that having clear and concise cyber security procedures that are respected and adhered to business-wide is going to be key for building robust resilience.”

Read the full story here.

Liberty’s application to appeal was approved on five grounds, two of which the Government conceded on. In its application to appeal, Liberty argued the safeguards in the Snoopers’ Charter (the Investigatory Powers Act 2016) breach privacy and free expression rights as they do not protect against the dangers of bulk powers. According to the civil rights group, the latter allow spies to scoop up the private communications and Internet data of swathes of the population, hack into computers, smart phones and tablets and create vast ‘personal datasets’ without suspicion.

In response to preliminary legal filings, the Government admitted that it could not contest two parts of Liberty’s application to appeal. It conceded that the safeguards around the use of surveillance powers do not protect journalistic confidentiality. The Government further admitted the safeguards fail to protect the right to privacy when masses of intercepted data are searched in a way that can identify people without proper authorisation.

As well as those issues, the High Court found that Liberty’s other arguments must be heard at appeal, including that safeguards in the Snoopers’ Charter regarding sharing intercepted material with overseas Governments and around lawyer-client communications were inadequate. Judges also found that Liberty’s arguments over the power to create “bulk personal datasets” must also be heard at appeal. A hearing is now expected later this year.

Read the full story here.

POLICE SCOTLAND has become the first UK police force to implement UAV video technology with the capability to live-stream from drones and helicopters. The newly deployed ExStream UAV Streamer, developed by Excelerate Technology, was customised to improve situational awareness across air-to-ground operations, solving the long-term issue of the feed only being visible to a single operator or otherwise a ground-based unit.

The UAV Streamer connects to existing UAVs and other video devices and delivers the video into Excelerate’s ExStream video streaming service even when only low bandwidths are available from the field. From there, users can access the remote streams via dedicated iOS and Android applications, Windows and Mac clients in addition to a secure web portal.

Police Scotland commissioned the complete package to be in place to stream helicopter downlink into the Control Room during COP26 in November last year.

Real-time aerial view

Inspector Nicholas Whyte of Police Scotland’s Air Support Unit stated: “Police Scotland remains focused on providing officers with innovative solutions that help us to keep people safe. The Excelerate technology allows the Air Support Unit to downlink live footage from the helicopter or drone to any Control Room in Scotland, to police commanders on the ground and to officers’ police-issued mobile devices who are directly involved with the incident. This gives those involved a real-time aerial view of events, enabling them to make better informed decisions about an operation or search as well as maintaining officer and public safety.”

David Savage, founder and CEO at Excelerate, explained: “Our solution to allow streaming from a helicopter to the Control Room during COP26 is a perfect example of Excelerate’s DNA in action. The challenge was to provide a robust end-to-end solution to very specific requirements. We did so through the problem-solving and ‘outside of the box’ thinking that have been our hallmark over two decades of experience and investment in secure infrastructure and connectivity ecosystems for UK and overseas Emergency Services.”

Read the full article here.