Is it me or did anyone else pick up on the contradictory rhetoric coming from UK Government quarters last week?
Firstly we had The National Cyber Security Centre’s technical director Ian Levy accusing the security industry of “witchcraft” for deliberately creating unnecessary fear around cyber threats. Putting a spin on industry acronym APT he belittled hackers by referring to them as ‘Adequate Pernicious Toerags’, claiming that many attackers use older exploits and vulnerabilities with patches that are available, but not installed. By presenting hackers as super-skilled experts, however, he states that security companies are creating a climate of fear.
“Everything that we do as an industry is about making it sound really, really bad; because then you can’t possibly defend yourself,” – Ian Levy, Technical Director, NCSC
You can read IT Pro’s commentary on his statement here.
Cue Chancellor Philip Hammond who then announced the launch of the Government’s five year National Cyber Security Strategy underpinned by a £1.9bn ‘transformational’ investment. During his announcement speech he reeled off a string of well documented cyber breaches including Sony, TV5 Monde and TalkTalk and then stated…
“These attacks demonstrated what everyone here in this audience already knows about the reality of successful cyber-attacks: significant consequences including loss of customer data, significant financial costs, disruption of services, reputational damage, indeed threats to the infrastructure of the state itself. We have to respond to this threat.” – Chancellor Philip Hammond
Hammond went on to say that he wanted to make Britain “the most secure cyber environment anywhere; where government, business, security agencies and academia work together to defeat the hackers and the phishers, the criminals and the rogue states.”
You can read the full speech here.
So there you have it, one government official decrying the cyber security industry of fear mongering and implying that hackers are somewhat stupid. And the other acknowledging the hackers handy work in the rising severity and impact of cyber breaches, and embracing the cyber security industry as a key partner in combating cyber crime.
What’s that saying about left hand, right hand?
This article was first published on LinkedIn Pulse here.