According to a speech made by GCHQ director Robert Hannigan, the free market is failing cyber security in the UK. He said the government has to intervene to prevent businesses getting attacked, adding that the global cyber security market is “not quite right” and that standards need to be improved. Brendan Rizzo, technical director EMEA at HPE Security – Data Security commented on the speech.
“Cyber security is a cat and mouse game between bad actors on one side, and industry, academia and government on the other side. It is well known that cyber criminals constantly share intelligence with each other to better uncover and exploit weaknesses in would-be targets. I feel that Mr Hannigan’s speech accurately underscored the need for these three distinct groups of “good guys” to work together to mount the best defence against the real and determined threat posed by these cyber criminals.
In the meantime, technology continues to evolve at a startling pace and the need for diligent protection of sensitive data only increases. Fuelled by steadily increasing demand from businesses, this pace is tempered only by the very real data security question that must always be asked: is there a viable way to embrace these new technologies without introducing undue risk to the data and the customers that this data represents? There is a seemingly endless number of companies bringing products to market trying to address different angles of securing these evolving platforms , but the next eighteen months will see clear leaders emerging. Many companies that are here today will be long forgotten in a year’s time. It is therefore critical for companies to embrace protection technologies that are backed by standards that have been ratified by industry, Government and academia alike. Standards like the new mode of AES (AES-FFX) which allows encrypted text retain its original format. This type of technology represents vetted best of breed security that companies can deploy for immediate protection with full confidence that it will stand the test of time.
We have seen some security laws and industry-driven regulation have a very positive effect on the protection of sensitive data. On the other hand, too much regulation carries with it the fear that it will stifle the ability for industry to operate efficiently and effectively in a competitive marketplace. The partnerships that Mr Hannigan references between Government, industry and academia must continue to be fostered in order to find that right balance between both sides of this debate.”