Surprising sources for skills and 10,000 problem passwords – eight things we learned at PT Cyber Security Conference

More than 100 delegates gathered at our annual event last week to discuss how the public sector can address their biggest security priorities and challenges, and tackle threats head on

Last week marked the ninth annual PublicTechnology Cyber Security Conference.

When the event was first held in the middle of the last decade, the National Cyber Security Centre did not exist, the devastation of the WannaCry ransomware attack was still two years away, the UK had yet to make plans to put its EU membership to a public vote and the founders of OpenAI – the firm behind ChatGPT – were preparing to incorporate a new non-profit tech research entity.

For security professionals, clearly, a lot has changed since then.

For the 100-plus public sector representatives who gathered at our event in London last week – including cyber and digital experts, as well as representatives from policy and operational delivery – there was, clearly, a lot to discuss.

Presentations and interactive sessions during the day addressed issues including how to engage a large and dispersed workforce in security objectives and the growing need to secure supply chains, as well as the best ways to tackle key challenges such as access to skills and the ongoing prevalence of legacy tech.

Here are eight things we learned.

Red teams shine light on password problems

The Ministry of Justice has its own in-house offensive security unit – commonly referred to as a red team – that proactively looks for vulnerabilities and weaknesses before hackers find them.

During the conference’s opening keynote, Amie Alekna, director of security and information at the MoJ, said the team “is certainly one of the first in a government department” and revealed its experts had performed an audit of Windows passwords across the department – and was able to crack 10,000 passwords in under two hours using less than £2,000 worth of computer hardware.

“We have strived to turn detection controls into protection controls. If something is detected a step too late, what you should be doing is protecting it from actually happening in the first place.”

John Keegan, DWP

Security chiefs must tackle the toughest tasks

Amie Alekna speaking at the PT Cyber Security Conference

For red teamers and other security professionals, advising co-workers of the perils of using all-too-easily guessable passwords and reminding them of their other security responsibilities may be mildly awkward for both parties. But, according to Alekna, cyber leaders should be prepared to engage in tricky conversations in order to address to biggest risks and those that may be most deeply rooted in an organisation’s operations.

This is especially true when there is a remit to secure a technology estate – and some of the most sensitive data handled by government – that includes 1,000 separate IT systems, 75% of which are considered legacy.

Alongside the tech itself, MoJ security experts need to provide cyber protection for 80,000 prisoners and 30 separate public bodies, operating from 900 locations around the country and employing 85,000 people. Some of whom may occasionally be asked by their colleagues to address potentially damaging cyber vulnerabilities.

“Sometimes there is a need to call out risk and tackle hard, underlying issues – rather than cherry-pick the easy wins,” Alekna said.

The importance of secure by design

The Central Digital and Data Office is currently working with experts across industries and government departments on defining key principles that government organisations can adopt to implement secure-by-design practices for developing services – which will be mandatory for departments to comply with.

The Cabinet Office-based digital unit will then develop new digital capability, guidance, assurance tools and best practices to support departments in the short and long term to ensure services are made with security embedded throughout the process.


DWP’s drive to develop skills

The public sector’s need for more cyber expertise – and from a wider range of sources – was a recurrent theme throughout the day.

Several speakers cited success stories of how their organisation had developed new talent, or hired budding security professionals from other industries.

One of the newest recruits to the cyber team at the Ministry of Justice – who joined via the civil service’s Fast Stream programme for future government leaders – had previously been a midwife, according to security chief Amie Alekna.

One in four cyber specialists at the Department for Work and Pensions, meanwhile, first joined as an apprentice or via programmes to retrain people from other professions, revealed the DWP’s head of digital security, John Keegan.

IT and OT convergence could heighten risks

The increasing integration of information and operational technologies could cause a large increase in attack surfaces, according to Ricard Fuertes, head of information security operations at Transport for Great Manchester. Fuertes said that, as OT systems become more digitised and connected, they become potential entry points for attackers.

“Organisations now need operational excellence, realism about security limitations, future-proofing, and sharing of resources with other public-sector organisations,” he said.

“Sometimes there is a need to call out risk and tackle hard, underlying issues – rather than cherry-pick the easy wins.”

Amie Alekna, Ministry of Justice


Destroying government’s legacy

A funding package of £2.6bn was provided in the last spending review to help address legacy issues across government. Alongside which, the Central Digital and Data Office announced last year that it was creating a risk framework to help assess the risks of departments’ ageing technology systems. The reference document has enabled the CDDO to identify 153 key assets requiring remediation, conference delegates were told.

The plan is to roll out the framework more widely across the public sector this year to help more organisations identity potential issues.

Securing the supply chain is crucial

Numerous speakers picked out the rising spectre of supply-chain attacks as one of the biggest – and fastest-growing – threats to public sector organisations.

The risks are amplified in a world characterised by geopolitical precarity, where nation states are wont to use cyberattacks as an offensive tool against enemies.

Carla Baker, senior director of government affairs at Palo Alto Networks, said supply chain attacks have gained a lot of attention recently due to vulnerabilities in software supply chains, and that “attacks to suppliers can impact organisations of all sizes and from all sectors”.

The National Cyber Security Centre first published a set of principles for supply chain security in 2018 and, earlier this year, the recently established Department for Science, Innovation and Technology provided resources specifically for local government with a dedicated guidance document “on how to incorporate cyber security considerations into supply chain management lifecycle of their connected places, with a particular focus on the procurement stage”.

The benefits of meeting threats at the edge

The well-worn idiom has it that prevention is better than cure. This ethos can be applied to cyber organisations’ cyber defences, according to DWP security chief John Keegan, who told conference attendees that his team is strives to “protect assets as close to the edge” of departmental networks as possible – rather than just reinforce critical systems within the network.

“We have strived to turn detection controls into protection controls,” he added. “If something is detected a step too late, what you should be doing is protecting it from actually happening in the first place.”

Sam Trendall and Murielle Gonzalez

Learn More →

56 thoughts on “Surprising sources for skills and 10,000 problem passwords – eight things we learned at PT Cyber Security Conference

  1. Hot 4 Lexi Only Fans Leaks November 20, 2024 at 10:28 pm

    10TB Only Fans Mega ( Visit https://archiver.fans )

  2. Leah Mifsud Only Fans Leaks November 20, 2024 at 11:45 pm

    8TB Only Fans Mega ( Visit https://archiver.fans )

  3. Mega Link Shop November 21, 2024 at 5:46 pm

    North Natt OnlyFans Mega Link Download

  4. Free Only Fans Leaks November 22, 2024 at 12:58 am

    Barely Legal Lexi OnlyFans Mega Link Download

  5. GG With The WAP Only Fans Leaks November 22, 2024 at 4:22 am

    Lexi 2 Legit OnlyFans Mega Link Download

  6. Only Fans Leaks Free Download November 22, 2024 at 5:42 am

    Its Lunar Liv OnlyFans Mega Link Download

  7. Mega Link Store November 22, 2024 at 3:09 pm

    Bulma XO OnlyFans Mega Link Download

  8. Daalischus Rose Only Fans Leaks November 22, 2024 at 3:18 pm

    Rubi Rose OnlyFans Mega Link Download

  9. Leah Mifsud Only Fans Leaks November 22, 2024 at 3:57 pm

    Emmanuel Lustin OnlyFans Mega Link Download ( Visit https://archiver.fans )

  10. 10TB Only Fans Mega November 22, 2024 at 4:08 pm

    10TB Only Fans Mega ( Visit https://archiver.fans )

  11. Im xXx Dark Only Fans Leaks November 22, 2024 at 5:24 pm

    Lexi 2 Legit OnlyFans Mega Link Download

  12. Only Fans Leaks Mega Folders November 23, 2024 at 9:43 am

    Taylor Hall OnlyFans Mega Link Download

  13. Hot 4 Lexi Only Fans Leaks November 23, 2024 at 12:07 pm

    10TB Only Fans Mega ( Visit https://archiver.fans )

  14. Buy Leaked Only Fans November 23, 2024 at 8:08 pm

    Genesis Mia Lopez OnlyFans Mega Link Download

  15. Fansly Leaks Mega Link November 23, 2024 at 9:23 pm

    Caaart OnlyFans Mega Link Download

  16. Barely Legal Lexi Only Fans Leaks November 23, 2024 at 10:57 pm

    Buy Mega Links ( Visit https://archiver.fans )

  17. Mega Link Store November 24, 2024 at 1:36 am

    Its Lunar Liv OnlyFans Mega Link Download

  18. Barely Legal Lexi Only Fans Leaks November 25, 2024 at 1:50 am

    Genesis Mia Lopez OnlyFans Mega Link Download

  19. 송도콜걸출장섹스마사지 November 25, 2024 at 12:05 pm

    벼룩시장 신문그대로보기 (구인구직, 부동산) 벼룩시장 신문그대로보기 바로가기 그리고 지역별 벼룩시장 종이신문그대로보기 방법 (구인구직, 부동산) 알아볼게요. 교차로신문 같이 벼룩시장은 지역별 일자리, 구인구직, 부동산 등 다양한 정보를 제공해요. 교차로신문그대로보기 바로가기는 아래에서 확인하고, 오늘은 벼룩시장 신문그대로보기 바로가기 그리고 사용법 섹스카지노사이트

  20. Emmanuel Lustin Only Fans Leaks November 25, 2024 at 3:01 pm

    Genesis Mia Lopez OnlyFans Mega Link Download

  21. Ima Cri Baby Only Fans Leaks November 25, 2024 at 9:04 pm

    Hot 4 Lexi OnlyFans Mega Link Download ( Visit https://archiver.fans )

  22. Yasmine Lopez Only Fans Leaks November 26, 2024 at 11:50 am

    Jenise Hart OnlyFans Mega Link Download

  23. Corinna Kopf Only Fans Leaks November 26, 2024 at 4:30 pm

    GG With The WAP OnlyFans Mega Link Download

  24. Yasmine Lopez Only Fans Leaks November 26, 2024 at 6:29 pm

    Yasmine Lopez OnlyFans Mega Link Download ( Visit https://archiver.fans )

  25. Updated Only Fans Leaks November 26, 2024 at 7:27 pm

    Only Fans Leaks Mega Folders

  26. Daalischus Rose Only Fans Leaks November 26, 2024 at 7:51 pm

    GG With The WAP OnlyFans Mega Link Download

  27. Gina WAP Only Fans Leaks November 27, 2024 at 8:57 am

    3TB Only Fans Mega

  28. Buy Only Fans Leaks November 27, 2024 at 10:56 am

    10TB Only Fans Mega ( Visit https://archiver.fans )

  29. Corinna Kopf Only Fans Leaks November 27, 2024 at 11:59 am

    Black Ass Jenny OnlyFans Mega Link Download

  30. Caaart Only Fans Leaks November 27, 2024 at 3:58 pm

    Rubi Rose OnlyFans Mega Link Download

  31. TheRealRebeccaJ Only Fans Leaks November 27, 2024 at 7:37 pm

    Mulan Hernandez OnlyFans Mega Link Download ( Visit https://archiver.fans )

  32. http://vgpl5.by/ November 28, 2024 at 10:04 pm

    Информационная статья представляет различные аргументы и контекст в отношении обсуждаемой темы.

  33. Mikaila Dancer Only Fans Leaks November 30, 2024 at 3:45 am

    Taylor Hall OnlyFans Mega Link Download

  34. Buy Fansly Leaks November 30, 2024 at 5:48 am

    Only Fans Leaks Free Download

  35. Buy Fansly Leaks November 30, 2024 at 11:31 am

    Crii Baby RiRi OnlyFans Mega Link Download ( Visit https://archiver.fans )

  36. Gina WAP Only Fans Leaks December 1, 2024 at 4:03 am

    Ima Cri Baby OnlyFans Mega Link Download ( Visit https://archiver.fans )

  37. Barely Legal Lexi Only Fans Leaks December 1, 2024 at 5:45 am

    10TB Only Fans Mega ( Visit https://archiver.fans )

  38. 송도출장섹스마사지 December 1, 2024 at 12:11 pm

    https://www.pornhub.com/view_video.php?viewkey=ph5b590847deea1

  39. Beauty Fashion December 1, 2024 at 6:43 pm

    One more thing I would like to mention is that rather than trying to fit all your online degree courses on days and nights that you finish off work (considering that people are exhausted when they return home), try to find most of your lessons on the weekends and only a couple courses for weekdays, even if it means a little time off your end of the week. This is really good because on the saturdays and sundays, you will be more rested along with concentrated upon school work. Thanks a bunch for the different points I have discovered from your blog.

  40. TheRealRebeccaJ Only Fans Leaks December 1, 2024 at 7:58 pm

    Ima Cri Baby OnlyFans Mega Link Download ( Visit https://archiver.fans )

  41. Itz Grippy TV Only Fans Leaks December 2, 2024 at 1:45 am

    Rebecca J OnlyFans Mega Link Download ( Visit https://archiver.fans )

  42. North Natt Only Fans Leaks December 2, 2024 at 5:18 pm

    Hot 4 Lexi OnlyFans Mega Link Download ( Visit https://archiver.fans )

  43. GG With The WAP Only Fans Leaks December 2, 2024 at 7:32 pm

    Rubi Rose OnlyFans Mega Link Download

  44. Emmanuel Lustin Only Fans Leaks December 3, 2024 at 4:10 am

    Leah Mifsud OnlyFans Mega Link Download ( Visit https://archiver.fans )

  45. North Natt Only Fans Leaks December 3, 2024 at 5:26 am

    Its Lunar Liv OnlyFans Mega Link Download

  46. Leah Mifsud Only Fans Leaks December 3, 2024 at 7:05 am

    Genesis Mia Lopez OnlyFans Mega Link Download

  47. Ima Cri Baby Only Fans Leaks December 3, 2024 at 11:32 am

    Leah Mifsud OnlyFans Mega Link Download ( Visit https://archiver.fans )

  48. Hairstyles December 3, 2024 at 10:17 pm

    Thank you, I’ve recently been searching for info about this subject for a while and yours is the best I’ve found out so far. However, what concerning the bottom line? Are you certain in regards to the source?

  49. Emmanuel Lustin Only Fans Leaks December 4, 2024 at 8:43 am

    Only Fans Leaks Updates

  50. Only Fans Leaks Updates December 4, 2024 at 11:02 am

    Emmanuel Lustin OnlyFans Mega Link Download ( Visit https://archiver.fans )

  51. Ima Cri Baby Only Fans Leaks December 4, 2024 at 1:28 pm

    Black Ass Jenny OnlyFans Mega Link Download

  52. Bulma XO Only Fans Leaks December 4, 2024 at 2:47 pm

    Im xXx Dark OnlyFans Mega Link Download ( Visit https://archiver.fans )

  53. Emmanuel Lustin Only Fans Leaks December 4, 2024 at 3:37 pm

    Buy Mega Links ( Visit https://archiver.fans )

  54. Im xXx Dark Only Fans Leaks December 5, 2024 at 3:39 am

    Lexi 2 Legit OnlyFans Mega Link Download

  55. Rubi Rose Only Fans Leaks December 5, 2024 at 5:25 am

    Buy Leaked Only Fans ( Visit https://archiver.fans )

  56. North Natt Only Fans Leaks December 5, 2024 at 7:09 am

    Mulan Hernandez OnlyFans Mega Link Download ( Visit https://archiver.fans )

Leave a Reply

Your email address will not be published. Required fields are marked *