NCSC founder details 'biggest regret' in underestimating organised cyber crime


Ciaran Martin, the founder of the National Cyber Security Centre (NCSC), has revealed that he regrets underestimating the strength of systematic organised crime when setting up the centre.

One thing Martin wished he had done differently when setting up the NCSC was to appreciate the criminal threat more quickly, he said during a keynote address at (ISC)2 Security Congress held earlier this month.




Since the NCSC was descended from and parented by national security organisation GCHQ, Martin recalled that it was incentivised to focus on the big state threats.

“But then you look at all the harm done and we underestimated the potency of systematic organised crime often hosted in hostile jurisdictions like Russia, but not directly controlled by them,” said Martin.

The NCSC was founded in 2016 and acts as the country's leading hub of experts that are called on when needed to assist in the handling and remediation of cyber attacks against UK entities.

Martin said the idea to create the NCSC was born out of a conversation he had in 2015 with then-Prime Minister David Cameron, who expressed concern about rising cases of cyber attacks. By the time Martin left the authority, the International Telecommunications Union (ITU) had raised the UK's global cyber security preparedness ranking from eighth to first, a position that has now been regained by the US.

The founder also revealed his proudest achievement: launching a programme called active cyber defence, which aimed to tackle high-volume commodity attacks that affect people’s everyday lives by providing free security services for organisations. However, he shared that he regrets naming the programme “active cyber defence” as it sounds, particularly to the US government, essentially like cyber war.

Martin recalled details of the programme and how it called for a partnership with industry, which aimed to automate the removal of websites with malicious code by using the NCSC’s data to help people take down the sites if they wanted to. The average takedown time for a malicious website hosted in the UK went from 27 hours to 45 minutes.

The NCSC founder also highlighted that organisations should marry the increasingly powerful technical capabilities to detect malicious behaviour on networks with people’s ability to stop that from happening.

Martin recalled that during his time at the NCSC, he dealt with around 2,000 incidents, and in many of them the post-event forensics were of very high quality. This meant you could glean a large amount of information about what happened, as well as the specific time at which attacks occurred, but there was no communication of this at the time the attacks took place, which Martin agreed is quite hard to do.

He underlined that the ability to detect malicious behaviour retrospectively should essentially be brought further forward, with security applied as far up the chain of production as possible.

“Because the further it gets to the poor little user at the end, trying to work out whether or not they should open this link, the more vulnerable it is,” he said.

Separately, the NCSC warned businesses in October not to become seduced by over-using phishing tests in their organisations. It claimed most implementations rarely offer an objective measure of an organisation’s defences and can end up wasting time and effort.

Zach Marzouk
