In-depth

Who should be Britain’s cyber security czar?

Experts reveal what a UK head of cyber security would need to do, while we put forward possible candidates for the role.

Slowly but surely, politicians are really starting to take the threat of cyber security more seriously.

Reports claim that Prime Minister Gordon Brown is set to announce a national security centre to combat the threat of foreign hackers.

This comes in parallel with US efforts to set up its own cyber security agency focusing its efforts on cyber defence, as well as attack.

US President Obama is also looking for someone to lead the security effort a cyber security czar who has direct contact with the White House.

The UK is already working towards a US-styled cyber agency but does it also need a figurehead a czar dedicated soley to cyber security? The opposition party seems to think so.

Last year, the Tories called for the appointment of a new cyber security minister as part of growing measures to combat the threat.

The role of a cyber security czar

So if the government did appoint a cyber security czar, what would he or she need to do?

Rik Ferguson, a security expert at Trend Micro, said that the first job of a prospective security czar would be to "eliminate the low-hanging fruit" that invites criminal activity on both public and business networks.

He said that IT policies around things such as Windows Autorun, passwords, up to date software and application/operating system (OS) patching left much to be desired.

"It is documented that Conficker, for example, infected both parliament and the Ministry of Defence, and this absolutely should not have happened,"he said.

"We should not have to wait for the next infiltration of government networks to find out which simple areas of IT security are neglected," he added.

Ferguson also said that the czar also needed to conduct a root and branch review of all systems connected to government secure networks.

Kevin Hogan, security expert at Symantec, said that this was a very complex issue, and debate about a new role shouldn't overlook the fact that a lot of activity was already taking place to protect businesses and consumers.

He said: "If this role was to be created it will need to be taken by someone who has an in-depth understanding of the existing regulatory infrastructure in the UK and Europe, if they are to be able to make a difference.

"There are a number of stark differences between the US and UK approaches to cyber security currently and a one-sized approach will not fit all."

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Most Popular

Why you should prioritise privileged access management
Sponsored

Why you should prioritise privileged access management

9 Oct 2020
IT services giant Sopra Steria falls victim to Ryuk ransomware
Security

IT services giant Sopra Steria falls victim to Ryuk ransomware

23 Oct 2020
The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020