WIREDGOV

Nicola Hudson, Director for Communications at the NCSC, speaking to attendees at CYBERUK 2018 and sets the tone for In Practice.

Good morning and welcome to CYBERUK2018.

My name is Nicola Hudson and I am the Director of Communications. I am co-chairing this event with Karen D, who leads the technical capability area here at the NCSC, and Dr Ian Levy, who will close the event (In Practice) tomorrow afternoon.

Thank you for joining us here at our annual Cyber Security Conference.

Thanks also to our main conference sponsors, Amazon Web Services and NCC Group. Also, to our networking sponsor Trend Micro and to all our other sponsors and exhibitors.  Without your support, we would not be able to hold this event, so thank you.

I am particularly pleased that the NCSC, a government agency, is here in the city of Manchester – you will see evidence throughout the conference of the Manchester worker bee, the best-known symbol of Manchester, adopted during the Industrial revolution and coming back into prominence post the terrible terrorist attack last year.

We chose Manchester as a venue, not only to show our support for the city, but because of its thriving media and digital sector, as well as a world class university; one that I attended myself many years ago in the footsteps of GCHQ’s own codebreaker Alan Turing, who became Reader of Mathematics here in 1948.

The national future is digital - it's why we are here, collectively working to make the UK the safest place to live and do business online.

Just today you may have seen a new report published in partnership with the NCA, our latest annual assessment of the threat to UK businesses. The scale and diversity of the threat is growing all the time. A key conclusion of the report was that industry and government need to work ever more closely together to combat this threat.

To do this we need to be the very best in the world at what we do, to approach and do things differently, using maths, behavioural sciences, linguistics, psychology, law, computer sciences – in partnership with you.

From the moment we started up 18 months ago, I hope you have noticed a different approach. As you would expect technology is at the heart of what we do but so too is communications, the two working hand-in-hand.  We are leading the way in our work on ACD implementing evidence-based strategies and solutions. However, the next generation of ACD will be reliant on industry adopting them if they are going to have the pan-UK protective benefit we hope they will achieve.

Our partnership work continues through Industry 100 working alongside each other. A drive to share and disseminate threat assessments and intelligence, not just between government agencies but with you and even wider to the public at large. In the last year we have published nearly 300 blogs, assessments and reports. Raising awareness of the threat and inspiring behaviour change amongst individuals and organisations, is crucial to delivering a safer digital Britain.

Our challenge in this is to protect our citizens, our CNI and businesses to ensure that as technology changes it is not exploited but used for good. The benefits of using new technology outweigh the risks.

To achieve this, we need the help of all of you, practitioners working in the cyber security industry, in government, in academia and the third sector.

We need to build a safer digital Britain and to do that we’ll need a cyber industry that is innovative, diverse and agile.

The two days of In Practice provide all of us as a community with the opportunity to share our views, our ideas, and lessons we’ve learned along the way.

We have designed the conference to be as interactive as possible, so there will be plenty of opportunity for you to take part in discussion, have your say, contribute ideas and take part in cyber games and challenges.

We’ve made it interactive, not just to make sure that you all have a great time, although that of course is important, but so that we can all work together as a community to share best practice and build a safer digital Britain.

Over the next two days, you will have the opportunity to benefit from the efforts of our technical teams who have reached out to leaders in their fields across the world to bring you a truly diverse perspective on the threats, challenges, issues and solutions we are all working so hard together on.

We have four tracks of technical content that we’ve handily categorised with ‘chilli’ ratings so that you can match the sessions you attend to your tech appetite.

And you’ll hear from a range of delegates who’ve competed to give lightning talks and will be able to visit the Cyber Den to hear innovations from across the North West region.

We’ve brought back, with our industry partners, the highly popular ‘Cyber Games’ where you can pit your wits against hacking challenges. Featuring a Cyber Games at CyberUK is quite fitting because cyber security, as you’ll know yourselves, is a team sport.

We need to bring together people from a range of disciplines and backgrounds to work together on this. We are delighted to welcome people from all the professions that must come together to deliver effective security, not just those who might directly think of themselves as primarily security people. We also need to bring to bear the widest pool of talent that we possibly can and that means we need a much more diverse workforce. As a public service organisation, we need to reflect the population that we’re serving.  A more diverse workforce is essential to this. It makes us more effective.

You will know that there is no magic switch to improve on the lack of diversity in this sector.  However, we have been taken aback ourselves at how hard making even the smallest in-road has been.

As an organisation we are determined to look at diversity in its widest sense, not just talking about the lack of women, but socio-economic factors, regional and cultural differences, disability, BAME and the LBGT community. We celebrate the diversity of thinking which has made the NCSC and GCHQ world-leaders. Without true diversity we are in danger of group-think, behaviour challenges and quite frankly we will not tap into the skills we need.  We are looking at immediate things we can do, medium term plans and generational change.  All have their own challenges.

Take this conference for immediate actions – a pledge for no all-male panels.  This has been very difficult; we have a range of phenomenal speakers, all here for their expertise in their area but it has been something we have had to actively work at, question ourselves and think about our own networks.

Medium-term actions – we are looking at our policies and processes, how we recruit and just as importantly retain the diverse pool of talent we need.

In terms of long-term actions – we have just run the second year of our hugely successful CyberFirst Girls competition here in Manchester. This was done in partnership with 50 companies. Over 4,500 girls aged between 12-13 competed. Being on the judging panel, it was clear how passionate and engaged they were at this age. We hope they continue on this cyber journey joining us on our cyber courses, residentials, bursary and apprentice programme. However, we need to do more. We obviously had a lot of girls – 100 per cent – and we had good BAME representation, but we are looking at what more we can do to reach those girls in poor performing schools without the support and network, the excluded and those with disabilities.

Even with these and other initiatives, we cannot do this alone, this is where we all need to work together, learn from each other and build on successes. To this end I ask you to think about posting a diversity pledge at the conference and also, use this conference as an opportunity to work, engage and collaborate with us for a safer digital Britain.

On that note, a big thank you to all the NCSC teams who have worked hard in putting this event on, inviting speakers, working with sponsors and curating content to start the conversation off today.

Thank you for listening and have a great CYBERUK18!