More than 100 delegates gathered at our annual event last week to discuss how the public sector can address their biggest security priorities and challenges, and tackle threats head on
Last week marked the ninth annual PublicTechnology Cyber Security Conference.
When the event was first held in the middle of the last decade, the National Cyber Security Centre did not exist, the devastation of the WannaCry ransomware attack was still two years away, the UK had yet to make plans to put its EU membership to a public vote and the founders of OpenAI – the firm behind ChatGPT – were preparing to incorporate a new non-profit tech research entity.
For security professionals, clearly, a lot has changed since then.
For the 100-plus public sector representatives who gathered at our event in London last week – including cyber and digital experts, as well as representatives from policy and operational delivery – there was, clearly, a lot to discuss.
Presentations and interactive sessions during the day addressed issues including how to engage a large and dispersed workforce in security objectives and the growing need to secure supply chains, as well as the best ways to tackle key challenges such as access to skills and the ongoing prevalence of legacy tech.
Here are eight things we learned.
Red teams shine light on password problems
The Ministry of Justice has its own in-house offensive security unit – commonly referred to as a red team – that proactively looks for vulnerabilities and weaknesses before hackers find them.
During the conference’s opening keynote, Amie Alekna, director of security and information at the MoJ, said the team “is certainly one of the first in a government department” and revealed its experts had performed an audit of Windows passwords across the department – and was able to crack 10,000 passwords in under two hours using less than £2,000 worth of computer hardware.
“We have strived to turn detection controls into protection controls. If something is detected a step too late, what you should be doing is protecting it from actually happening in the first place.”
John Keegan, DWP
Security chiefs must tackle the toughest tasks
For red teamers and other security professionals, advising co-workers of the perils of using all-too-easily guessable passwords and reminding them of their other security responsibilities may be mildly awkward for both parties. But, according to Alekna, cyber leaders should be prepared to engage in tricky conversations in order to address to biggest risks and those that may be most deeply rooted in an organisation’s operations.
This is especially true when there is a remit to secure a technology estate – and some of the most sensitive data handled by government – that includes 1,000 separate IT systems, 75% of which are considered legacy.
Alongside the tech itself, MoJ security experts need to provide cyber protection for 80,000 prisoners and 30 separate public bodies, operating from 900 locations around the country and employing 85,000 people. Some of whom may occasionally be asked by their colleagues to address potentially damaging cyber vulnerabilities.
“Sometimes there is a need to call out risk and tackle hard, underlying issues – rather than cherry-pick the easy wins,” Alekna said.
The importance of secure by design
The Central Digital and Data Office is currently working with experts across industries and government departments on defining key principles that government organisations can adopt to implement secure-by-design practices for developing services – which will be mandatory for departments to comply with.
The Cabinet Office-based digital unit will then develop new digital capability, guidance, assurance tools and best practices to support departments in the short and long term to ensure services are made with security embedded throughout the process.
DWP’s drive to develop skills
The public sector’s need for more cyber expertise – and from a wider range of sources – was a recurrent theme throughout the day.
Several speakers cited success stories of how their organisation had developed new talent, or hired budding security professionals from other industries.
One of the newest recruits to the cyber team at the Ministry of Justice – who joined via the civil service’s Fast Stream programme for future government leaders – had previously been a midwife, according to security chief Amie Alekna.
One in four cyber specialists at the Department for Work and Pensions, meanwhile, first joined as an apprentice or via programmes to retrain people from other professions, revealed the DWP’s head of digital security, John Keegan.
IT and OT convergence could heighten risks
The increasing integration of information and operational technologies could cause a large increase in attack surfaces, according to Ricard Fuertes, head of information security operations at Transport for Great Manchester. Fuertes said that, as OT systems become more digitised and connected, they become potential entry points for attackers.
“Organisations now need operational excellence, realism about security limitations, future-proofing, and sharing of resources with other public-sector organisations,” he said.
“Sometimes there is a need to call out risk and tackle hard, underlying issues – rather than cherry-pick the easy wins.”
Amie Alekna, Ministry of Justice
Destroying government’s legacy
A funding package of £2.6bn was provided in the last spending review to help address legacy issues across government. Alongside which, the Central Digital and Data Office announced last year that it was creating a risk framework to help assess the risks of departments’ ageing technology systems. The reference document has enabled the CDDO to identify 153 key assets requiring remediation, conference delegates were told.
The plan is to roll out the framework more widely across the public sector this year to help more organisations identity potential issues.
Securing the supply chain is crucial
Numerous speakers picked out the rising spectre of supply-chain attacks as one of the biggest – and fastest-growing – threats to public sector organisations.
The risks are amplified in a world characterised by geopolitical precarity, where nation states are wont to use cyberattacks as an offensive tool against enemies.
Carla Baker, senior director of government affairs at Palo Alto Networks, said supply chain attacks have gained a lot of attention recently due to vulnerabilities in software supply chains, and that “attacks to suppliers can impact organisations of all sizes and from all sectors”.
The National Cyber Security Centre first published a set of principles for supply chain security in 2018 and, earlier this year, the recently established Department for Science, Innovation and Technology provided resources specifically for local government with a dedicated guidance document “on how to incorporate cyber security considerations into supply chain management lifecycle of their connected places, with a particular focus on the procurement stage”.
The benefits of meeting threats at the edge
The well-worn idiom has it that prevention is better than cure. This ethos can be applied to cyber organisations’ cyber defences, according to DWP security chief John Keegan, who told conference attendees that his team is strives to “protect assets as close to the edge” of departmental networks as possible – rather than just reinforce critical systems within the network.
“We have strived to turn detection controls into protection controls,” he added. “If something is detected a step too late, what you should be doing is protecting it from actually happening in the first place.”
10TB Only Fans Mega ( Visit https://archiver.fans )
8TB Only Fans Mega ( Visit https://archiver.fans )
North Natt OnlyFans Mega Link Download
Barely Legal Lexi OnlyFans Mega Link Download
Lexi 2 Legit OnlyFans Mega Link Download
Its Lunar Liv OnlyFans Mega Link Download
Bulma XO OnlyFans Mega Link Download
Rubi Rose OnlyFans Mega Link Download
Emmanuel Lustin OnlyFans Mega Link Download ( Visit https://archiver.fans )
10TB Only Fans Mega ( Visit https://archiver.fans )
Lexi 2 Legit OnlyFans Mega Link Download
Taylor Hall OnlyFans Mega Link Download
10TB Only Fans Mega ( Visit https://archiver.fans )
Genesis Mia Lopez OnlyFans Mega Link Download
Caaart OnlyFans Mega Link Download
Buy Mega Links ( Visit https://archiver.fans )
Its Lunar Liv OnlyFans Mega Link Download
Genesis Mia Lopez OnlyFans Mega Link Download
벼룩시장 신문그대로보기 (구인구직, 부동산) 벼룩시장 신문그대로보기 바로가기 그리고 지역별 벼룩시장 종이신문그대로보기 방법 (구인구직, 부동산) 알아볼게요. 교차로신문 같이 벼룩시장은 지역별 일자리, 구인구직, 부동산 등 다양한 정보를 제공해요. 교차로신문그대로보기 바로가기는 아래에서 확인하고, 오늘은 벼룩시장 신문그대로보기 바로가기 그리고 사용법 섹스카지노사이트
Genesis Mia Lopez OnlyFans Mega Link Download
Hot 4 Lexi OnlyFans Mega Link Download ( Visit https://archiver.fans )
Jenise Hart OnlyFans Mega Link Download
GG With The WAP OnlyFans Mega Link Download
Yasmine Lopez OnlyFans Mega Link Download ( Visit https://archiver.fans )
Only Fans Leaks Mega Folders
GG With The WAP OnlyFans Mega Link Download
3TB Only Fans Mega
10TB Only Fans Mega ( Visit https://archiver.fans )
Black Ass Jenny OnlyFans Mega Link Download
Rubi Rose OnlyFans Mega Link Download
Mulan Hernandez OnlyFans Mega Link Download ( Visit https://archiver.fans )
Информационная статья представляет различные аргументы и контекст в отношении обсуждаемой темы.
Taylor Hall OnlyFans Mega Link Download
Only Fans Leaks Free Download
Crii Baby RiRi OnlyFans Mega Link Download ( Visit https://archiver.fans )
Ima Cri Baby OnlyFans Mega Link Download ( Visit https://archiver.fans )
10TB Only Fans Mega ( Visit https://archiver.fans )
https://www.pornhub.com/view_video.php?viewkey=ph5b590847deea1
One more thing I would like to mention is that rather than trying to fit all your online degree courses on days and nights that you finish off work (considering that people are exhausted when they return home), try to find most of your lessons on the weekends and only a couple courses for weekdays, even if it means a little time off your end of the week. This is really good because on the saturdays and sundays, you will be more rested along with concentrated upon school work. Thanks a bunch for the different points I have discovered from your blog.
Ima Cri Baby OnlyFans Mega Link Download ( Visit https://archiver.fans )
Rebecca J OnlyFans Mega Link Download ( Visit https://archiver.fans )
Hot 4 Lexi OnlyFans Mega Link Download ( Visit https://archiver.fans )
Rubi Rose OnlyFans Mega Link Download
Leah Mifsud OnlyFans Mega Link Download ( Visit https://archiver.fans )
Its Lunar Liv OnlyFans Mega Link Download
Genesis Mia Lopez OnlyFans Mega Link Download
Leah Mifsud OnlyFans Mega Link Download ( Visit https://archiver.fans )
Thank you, I’ve recently been searching for info about this subject for a while and yours is the best I’ve found out so far. However, what concerning the bottom line? Are you certain in regards to the source?
Only Fans Leaks Updates
Emmanuel Lustin OnlyFans Mega Link Download ( Visit https://archiver.fans )
Black Ass Jenny OnlyFans Mega Link Download
Im xXx Dark OnlyFans Mega Link Download ( Visit https://archiver.fans )
Buy Mega Links ( Visit https://archiver.fans )
Lexi 2 Legit OnlyFans Mega Link Download
Buy Leaked Only Fans ( Visit https://archiver.fans )
Mulan Hernandez OnlyFans Mega Link Download ( Visit https://archiver.fans )