The first rule of Security Club is don’t talk about security — or, more accurately, don’t get so overzealous about security that you stop delivering value to the business. We need to talk about business value, not security.

Many security professionals have fallen into this hole, and it’s easy to see how. Any security briefing will tell you that the capability, sophistication and volume of cyberattacks hitting the U.K. on a daily basis is growing, seemingly exponentially. You can see how people connect the dots and start thinking about super secure, dedicated data centers and 10-digit passwords that change every day.

But that is the wrong answer. Even if you follow all those best practices, you wouldn’t increase your security posture that much. It would be a total waste of time if the economy goes into free fall because no one can do any work.

Introducing the UK’s National Cyber Security Centre

That is why I am so pleased by the launch of the U.K. government’s National Cyber Security Centre (NCSC). This team really knows about IT security and has seen the ugly truth about how good the bad can be, yet it does not advocate impossible-to-implement standards. Here is an organization that uses the cloud extensively and promotes simpler password rules.

In short, the NCSC is rethinking the old tried-and-true security techniques that have been developed over the years and instead asking, “Why?” This is just the kind of fresh approach we need to make the U.K. one of the safest places to do business online in an affordable and realistic way.

The Potential of Cognitive Security

A security regime breaks down into three parts: prevent, detect and respond. Up until now, security teams have always focused on the prevention component — getting the basics right — and a certain amount of detection — knowing when the basics were not enough. But just knowing you have a problem is not enough. As an old friend of mine in the Royal Navy once said, “Knowing you have a missile coming in is a good start, but little comfort if you can’t do anything about it.”

Once we know we have a potentially successful cyberattack, we have to turn our attention to identifying what is happening to which parts of our system. Then we must move quickly and precisely to coordinate our response in a consistent and audited manner. This is where IBM sees the great power of cognitive computing, in which we leverage machine learning and reasoning engines to help human security teams quickly identify the attack, which elements of the systems are affected and what would be the best way to respond.

We can use automation and integration to enrich the information at every step of the process to support decision-makers and help them become informed and coordinated across the entire organization, not just IT. In this way, we can reduce weeks of intense work to hours or minutes.

Talk About Security at CYBERUK 2017

IBM Security is proud to sponsor CYBERUK 2017, the U.K. government’s biggest and most influential information assurance and cybersecurity event to date, to show support for this major initiative.

Visit our stand (H1) in the exhibition area to talk about security with IBM Security experts and try our virtual reality security operations center (SOC) experience. Through a VR headset, visitors will experience the process of detecting a threat using the latest technologies, including QRadar, Watson for Cyber Security and Resilient, our security orchestration, automation, and response (SOAR) platform, to locate and mitigate a threat at speed and scale.

For those wishing to gain a deeper understanding of these technologies in action, we will be running a Cognitive Security Operations Center Workshop on Tuesday, March 14, to show how machine learning and cognition, when integrated with an incident response platform, can help the U.K. government and critical national infrastructure industries.

Learn more and register to attend CyberUK 2017

More from Government

Updated SBOM guidance: A new era for software transparency?

3 min read - The cost of cyberattacks on software supply chains is a growing problem, with the average data breach costing $4.45 million in 2023. Since President Biden’s 2021 executive order, software bills of materials (SBOMs) have become a cornerstone in protecting supply chains.In December 2023, the National Security Agency (NSA) published new guidance to help organizations incorporate SBOMs and combat the threat of supply chain attacks.Let’s look at how things have developed since Biden’s 2021 order and what these updates mean for…

Roundup: Federal action that shaped cybersecurity in 2023

3 min read - As 2023 draws to a close, it’s time to look back on our top five federal cyber stories of the year: a compilation of pivotal moments and key developments that have significantly shaped the landscape of cybersecurity at the federal level.These stories highlight the challenges federal agencies faced in securing digital infrastructure in the past year and explore the evolving nature of cyber threats, as well as the innovative responses required to address them.New White House cybersecurity strategyThe White House’s…

ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware

12 min read - As of December 2023, IBM X-Force has uncovered multiple lure documents that predominately feature the ongoing Israel-Hamas war to facilitate the delivery of the ITG05 exclusive Headlace backdoor. The newly discovered campaign is directed against targets based in at least 13 nations worldwide and leverages authentic documents created by academic, finance and diplomatic centers. ITG05’s infrastructure ensures only targets from a single specific country can receive the malware, indicating the highly targeted nature of the campaign. X-Force tracks ITG05 as…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today