UK Cyber Security

Caley Robertson

Assistant Director, Cyber Security Exports, Critical Infrastructure

November 2014

The UK’s Cyber Security Strategy

2

The National Cyber Security Programme (NCSP) will spend £860m over five

years, across the full range of our objectives.

Delivering in partnership

3

Cyber Growth Partnership

(and OGDs)

November 2014 – Caley Robertson – UK Cyber Security

Partnering industry, academia & society

4

A basic cyber hygiene for organisations of all types.

Part of CERT-UK. Enables members to share cyber threat vulnerability information and reduce vulnerabilities.

Businesses can receive up to £5,000 to increase their cyber security.

A public campaign to increase cyber confidence and improve online safety of consumers and SMEs.

11 Academic Centres of Excellence for Cyber Security Research at UK universities

November 2014 – Caley Robertson – UK Cyber Security

Partnering to protect critical infrastructureMuch of the UK’s CNI is owned and operated by the private sector

Industrial control systems - centralised systems that monitors and controls the

industrial process or series of processes - operate infrastructure in all major

industrial sectors.

5Document title

Cyber risks to CNI

6

Gas Pipeline ExampleMonitors pressure and temperature, maintains target conditions for example by activating local valves or air conditioning systems. A successful attack could tell theICS system the pipeline is under-pressured…

November 2014 – Caley Robertson – UK Cyber Security

Integrity Availability

Confidentiality

ICS can be difficult to protect

7

• Propriety technology in legacy systems• Anomalies are more prevalent – so attacks can

be difficult to diagnose• Systems can’t be easily patched or upgraded• No (or limited) access to test environments• Massively dispersed assets with frequent need for remote access• Additional threat vectors – e.g. commands that cannot be blocked

due to safety issues (alarms, for example)

CNI within the UK’s Cyber Security Strategy

November 2014 – Caley Robertson – UK Cyber Security

The UK’s Cyber Security CapabilitiesThe UK ranks No 1 in their Cyber Power Indexby Booz Allen Hamilton and the Economist Intelligence Unit

8November 2014 – Caley Robertson – UK Cyber Security

22% growth in the UK cyber security

industry in 2013