THE director of GCHQ wants tech companies and not their customers to take on more of the burden of cybersecurity.
Jeremy Fleming on Wednesday will deliver the keynote speech at a major conference in Glasgow on online safey for individuals and businesses.
His main message? That GCHQ's National Cyber Security Centre or NCSC has already strengthened Britain's defences from hackers, phishers and other digital criminals.
But Mr Fleming will also say the body plans “to do more to take the burden of cyber security away from the individual".
According to excerpts of his speech issued in advance, he will add: "We will continue to work closely with device manufacturers and online platform providers to build security into their products and services at the design stage.
"We will work with ISPs to enhance the security of internet-connected devices in the home. And we will share intelligence with banks to enable them to alert customers to threats in close to real time.”
A recent cyber security survey found just 15% of people know how to protect themselves on the internet. There are some signs of progress.
Mr Fleming is expected to set out how the NCSC will seek to expand the cyber security ecosystem by using “its unique insights into the structural vulnerabilities of the internet in partnership with business to detect, disrupt and fix malicious online behaviour.”
GCHQ said he would draw on the success of the Active Cyber Defence programme which uses automation to block attacks at scale in order to make the internet safer for people to use.
In March the UK-hosted share of global phishing dropped below 2% for the first time. That is down from 5.4% in 2016 when the programme began.
In 2016, HMRC was the 16th most phished brand globally, accounting for 1.25% of all phishing emails sent. Today, according to NCSC, it is ranked 146th and accounts for less than 0.1% of all phishing emails.
For Mr Fleming, cyber security is only possible if the UK has a "genuinely national effort – with more connections and deeper cooperation with the private sector and even closer working with our partners and allies.”
That means government sharing intelligence with industry, he will say, and that ntelligence must flow both ways.
He will say that “we have made it simple for our analysts to share time-critical, secret information in a matter of seconds. With just one click, this information can be shared and action taken. In the coming year, we will continue to scale this capability so – whether it’s indicators of a nation state cyber actor, details of malware used by cyber criminals or credit cards being sold on the Dark Web – we will declassify this information and get it back to those who can act on it.”
GCHQ and the leaders of all Five Eyes - the intelligence gathering networks of Britain, America, Canada, Australia and New Zealand - will all appear at the CYBERUK conference in Glasgow. That will be the first time they share a public stage.
Some 2500 people are expected to attend the event, which is at the SECC.
Why are you making commenting on The Herald only available to subscribers?
It should have been a safe space for informed debate, somewhere for readers to discuss issues around the biggest stories of the day, but all too often the below the line comments on most websites have become bogged down by off-topic discussions and abuse.
heraldscotland.com is tackling this problem by allowing only subscribers to comment.
We are doing this to improve the experience for our loyal readers and we believe it will reduce the ability of trolls and troublemakers, who occasionally find their way onto our site, to abuse our journalists and readers. We also hope it will help the comments section fulfil its promise as a part of Scotland's conversation with itself.
We are lucky at The Herald. We are read by an informed, educated readership who can add their knowledge and insights to our stories.
That is invaluable.
We are making the subscriber-only change to support our valued readers, who tell us they don't want the site cluttered up with irrelevant comments, untruths and abuse.
In the past, the journalist’s job was to collect and distribute information to the audience. Technology means that readers can shape a discussion. We look forward to hearing from you on heraldscotland.com
Comments & Moderation
Readers’ comments: You are personally liable for the content of any comments you upload to this website, so please act responsibly. We do not pre-moderate or monitor readers’ comments appearing on our websites, but we do post-moderate in response to complaints we receive or otherwise when a potential problem comes to our attention. You can make a complaint by using the ‘report this post’ link . We may then apply our discretion under the user terms to amend or delete comments.
Post moderation is undertaken full-time 9am-6pm on weekdays, and on a part-time basis outwith those hours.
Read the rules here