News
GCHQ chief claims that free market is failing cyber security - expert comment
November 2015 by
According to a speech made by GCHQ director Robert Hannigan, the free market is
failing cyber security in the UK. He said the government has to intervene to prevent
businesses getting attacked, adding that the global cyber security market is “not
quite right” and that standards need to be improved.
If you are planning on writing a story on this, feel free to use the commentary
below, which comes from Brendan Rizzo, technical director EMEA at HPE Security -
Data Security.
"Cyber security is a cat and mouse game between bad actors on one side, and
industry, academia and government on the other side. It is well known that cyber
criminals constantly share intelligence with each other to better uncover and
exploit weaknesses in would-be targets. I feel that Mr Hannigan’s speech accurately
underscored the need for these three distinct groups of "good guys" to work together
to mount the best defence against the real and determined threat posed by these
cyber criminals.
In the meantime, technology continues to evolve at a startling pace and the need for
diligent protection of sensitive data only increases. Fuelled by steadily
increasing demand from businesses, this pace is tempered only by the very real data
security question that must always be asked: is there a viable way to embrace these
new technologies without introducing undue risk to the data and the customers that
this data represents? There is a seemingly endless number of companies bringing
products to market trying to address different angles of securing these evolving
platforms , but the next eighteen months will see clear leaders emerging. Many
companies that are here today will be long forgotten in a year’s time. It is
therefore critical for companies to embrace protection technologies that are backed
by standards that have been ratified by industry, Government and academia alike.
Standards like the new mode of AES (AES-FFX) which allows encrypted text retain its
original format. This type of technology represents vetted best of breed security
that companies can deploy for immediate protection with full confidence that it will
stand the test of time.
We have seen some security laws and industry-driven regulation have a very positive
effect on the protection of sensitive data. On the other hand, too much regulation
carries with it the fear that it will stifle the ability for industry to operate
efficiently and effectively in a competitive marketplace. The partnerships that Mr
Hannigan references between Government, industry and academia must continue to be
fostered in order to find that right balance between both sides of this debate."
For any further information, or to speak with Brendan, please do get in touch.
