Cyber security complacency puts UK at risk, says NCSC head

The UK has made good progress on overall cyber security, but a sense of complacency risks upsetting the apple cart and too many people are still not taking cyber security issues as seriously as they should, according to Lindy Cameron, recently appointed CEO of the UK’s National Cyber Security Centre (NCSC).

In her first speech in the role, to be delivered later today (26 March) to a virtual audience at Queen’s University Belfast, home to one of the UK’s leading cyber research units, Cameron will pay tribute to the “bold” decision to create a public-facing security unit within GCHQ, while warning against complacency in today’s dangerous and challenging threat landscape.

Cameron will outline why she has come to believe that everyone in the UK has a role to play, saying that basic cyber hygiene is now an important life skill, and digital and cyber literacy should be non-negotiable in the business world.

“The cyber security landscape we see now in the UK reflects huge progress and relative strength – but it is not a position we can be complacent about,” Cameron will say. “Cyber security is still not taken as seriously as it should be, and simply is not embedded into the UK’s boardroom thinking.

“The pace of change is no excuse – in boardrooms, digital literacy is as non-negotiable as financial or legal literacy. Our CEOs should be as close to their CISO as their finance director and general counsel.

“And we want to help them to develop this knowledge, as we’re all too aware that cyber skills are not yet fundamental to our education – even though these are life skills like wiring a plug or changing a tyre, as well as skills for the future digital economy.”

Citing recent examples such as the Microsoft Exchange ProxyLogon attacks, the SolarWinds breaches, and an epidemic of ransomware attacks, Cameron will set out how she envisions the NCSC as helping to increase the country’s security resilience – ushering in a new era of “technological ambition, agility and internationalism” in line with the government’s goal of making the UK one of the safest countries in the world to live and work online.

“The National Cyber Security Centre –…