In-depth

Who should be Britain’s cyber security czar?

Experts reveal what a UK head of cyber security would need to do, while we put forward possible candidates for the role.

Slowly but surely, politicians are really starting to take the threat of cyber security more seriously.

Reports claim that Prime Minister Gordon Brown is set to announce a national security centre to combat the threat of foreign hackers.

This comes in parallel with US efforts to set up its own cyber security agency focusing its efforts on cyber defence, as well as attack.

US President Obama is also looking for someone to lead the security effort a cyber security czar who has direct contact with the White House.

Advertisement
Advertisement - Article continues below

The UK is already working towards a US-styled cyber agency but does it also need a figurehead a czar dedicated soley to cyber security? The opposition party seems to think so.

Last year, the Tories called for the appointment of a new cyber security minister as part of growing measures to combat the threat.

The role of a cyber security czar

So if the government did appoint a cyber security czar, what would he or she need to do?

Rik Ferguson, a security expert at Trend Micro, said that the first job of a prospective security czar would be to "eliminate the low-hanging fruit" that invites criminal activity on both public and business networks.

He said that IT policies around things such as Windows Autorun, passwords, up to date software and application/operating system (OS) patching left much to be desired.

"It is documented that Conficker, for example, infected both parliament and the Ministry of Defence, and this absolutely should not have happened,"he said.

"We should not have to wait for the next infiltration of government networks to find out which simple areas of IT security are neglected," he added.

Ferguson also said that the czar also needed to conduct a root and branch review of all systems connected to government secure networks.

Kevin Hogan, security expert at Symantec, said that this was a very complex issue, and debate about a new role shouldn't overlook the fact that a lot of activity was already taking place to protect businesses and consumers.

Advertisement
Advertisement - Article continues below

He said: "If this role was to be created it will need to be taken by someone who has an in-depth understanding of the existing regulatory infrastructure in the UK and Europe, if they are to be able to make a difference.

"There are a number of stark differences between the US and UK approaches to cyber security currently and a one-sized approach will not fit all."

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now
Advertisement

Most Popular

Visit/security/identity-and-access-management-iam/354289/44-million-microsoft-customers-found-using
identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/network-internet/wifi-hotspots/354283/industrial-wi-fi-6-trial-reveals-blistering-speeds
wifi & hotspots

Industrial Wi-Fi 6 trial reveals blistering speeds

5 Dec 2019
Visit/hardware/354237/five-signs-that-its-time-to-retire-it-kit
Sponsored

Five signs that it’s time to retire IT kit

29 Nov 2019