NCSC founder details 'biggest regret' in underestimating organised cyber crime
In a rare public address, Martin also detailed his proudest achievement and how the idea for the NCSC came to be
Ciaran Martin, the founder of the National Security Cyber Centre (NCSC), has revealed that he regretted underestimating the strength of systematic organised crime when setting up the centre.
One thing Martin wished he had done differently when setting up the NCSC was to appreciate the criminal threat more quickly, he said during a keynote address at (ISC)2 Security Congress held earlier this month.
Since the NCSC was descended from and parented by national security organisation GCHQ, Martin recalled that it was incentivised to focus on the big state threats.
“But then you look at all the harm done and we underestimated the potency of systematic organised crime often hosted in hostile jurisdictions like Russia, but not directly controlled by them,” said Martin.
The NCSC was founded in 2016 and acts as the country's leading hub of experts that are called on when needed to assist in the handling and remediation of cyber attacks against UK entities.
Martin said the idea to create the NCSC was born out of a conversation he had in 2015 with then-Prime Minister David Cameron, who expressed concern about rising cases of cyber attacks. By the time Martin left the authority, the International Telecommunications Union (ITU) had raised the UK's global cyber security preparedness ranking from eighth to first - a position that has now been regained by the US.
The founder also revealed his proudest achievement: launching a programme called active cyber defence, which aimed to tackle high-value commodity attacks that affect people’s everyday lives by providing free security services for organisations. However, he shared that he regrets naming the programme “active cyber defence” as it sounds, particularly to the US government, essentially like cyber war.
Martin recalled details of the programme and how it called for a partnership with the industry which aimed to automate the removal of websites with malicious code by using the NCSC’s data to help people take down the sites if they wanted to. The average time for a malicious website hosted in the UK went from 27 hours to 45 minutes.
The NCSC founder also highlighted that organisations should marry the increasingly powerful technical capabilities to detect malicious behaviour on networks with people’s ability to stop that from happening.
Martin recalled that during his time at the NCSC, he dealt with around 2,000 incidents, and in many of them the post-event forensics were of very high quality. This meant you could glean a large amount of information about what happened, as well as the specific time at which attacks occurred, but there was no communication of this at the time the attacks took place, which Martin agreed is quite hard to do.
He underlined that the ability to detect malicious behaviour retrospectively should essentially be brought further forward, and that security should be applied as far up the chain of production as possible.
“Because the further it gets to the poor little user at the end, trying to work out whether or not they should open this link, the more vulnerable it is,” he said.
Separately, the NCSC warned businesses in October to not become seduced by over-using phishing tests in their organisations. It claimed most implementations rarely offered an objective measure of an organisation’s defences and can end up wasting time and effort.