DCMS cyber security newsletter June 2022
Published 21 June 2022
1. Director’s message
Last month I attended CyberUK, the UK government’s flagship cyber security event, in Newport. It was great to see so much of the industry represented and I thoroughly enjoyed the opportunity to reconnect with colleagues and partners, as well as being able to speak with the people behind some truly innovative businesses and ideas. The best part of the event was hosting the Cyber Den, which provided companies that had taken part in our growth and innovation programmes the chance to showcase their ideas in front of a panel of judges. I would like to once again congratulate Exalens and Capslock, whose strong pitches meant they were crowned the joint winners this year.
Looking ahead, we have Infosecurity Europe taking place on 21 to 23 June at the ExCeL in London. Infosecurity Europe is the biggest gathering of the information security community in Europe and is another great opportunity to share innovation, learn from each other, build relationships and support growth of the cyber security ecosystem. Once again, the Department for Digital, Culture, Media and Sport (DCMS) is running the UK’s Most Innovative Cyber SME 2022 competition, in partnership with Infosecurity Europe and techUK.
Finally, the Product Security and Telecommunications Infrastructure Bill continues its progression through Parliament having successfully passed its third reading in the Commons. It now moves to the Lords for a second reading this month. This Bill will ensure there are minimum security standards for products that connect to the internet, such as smart cameras.
Erika Lewis
Director
Cyber Security and Digital Identity
2. UK’s most innovative cyber SME 2022 finalists announced
Fourteen of the UK’s most creative and original information security businesses have been shortlisted in the UK’s Most Innovative Cyber SME 2022 contest, run by DCMS in partnership with Infosecurity Europe and techUK.
The companies are:
- Blackwired - Cyber threat intelligence and aggregation platform
- C2 Cyber - Vendor risk management experts
- Conatix - AI and other fields of technology applications to insider fraud
- CyberHive - provider of cybersecurity solutions that help organisations move into the cloud
- IOETEC - specialist in securing data for IoT devices
- iQuila - military-grade encryption and security communications protocols
- NquiringMinds - data sharing and data analytics from edge to cloud
- Praeferre Ltd - solutions to control and monetise data
- RKVST - Zero Trust expert
- Red Maple Technologies -technical cyber security consultancy
- Risk Ledger - a platform to keep on top of supply chain security
- SafeShark - helping manufacturers navigate cybersecurity standards for IoT
- TryHackMe - hands-on security training through real-world scenarios
- Worldr - Secure communications expert
All the finalists will appear on the Innovation Zone at Infosecurity Europe, which takes place on 21 to 23 June, with the winner being announced during the event. As part of their package the winners will get two speaking slots on the Innovation Zone to talk on their specialist topics.
Further information on the contest can be found in Infosecurity Europe’s recent press release.
3. Government Cyber Security Advisory Board: applications open
Following the launch of the Government Cyber Security Strategy in January 2022, expressions of interest are now invited for membership of the Government Cyber Security Advisory Board.
The Board will be made up of independent external cyber security experts from industry and academia to build better links between government, the private sector and academia. It will provide independent solutions to the challenges of government cyber security, through rigorous challenge and driving best practices across government.
Candidates must have specific cyber security professional expertise, competence or knowledge with regard to areas covered in the Strategy. Further information on the requirements, application process and objectives of the Board can be found here.
4. Crown Commercial Services: supplier webinar and feedback survey
On Wednesday 29 June, Crown Commercial Services are holding a webinar on Cyber Security Services 3, the dynamic purchasing system that helps public sector organisations buy cyber services.
The webinar will provide an opportunity for suppliers to learn more about the system and how suppliers can provide services and obligations once appointed to the DPS. Crown Commercial Services will also provide an update on their work currently being carried out in cyber. There will also be an opportunity to ask questions to the team.
Crown Commercial Service are also continuing to develop their cyber commercial agreements and are really keen to hear your feedback. To do this please complete this short survey to help them gain further insight into any efficiencies they can make to improve their systems and processes.
5. Call for views on tougher consumer protections against malicious apps closing this month
Following a report published by the National Cyber Security Centre which revealed people’s data and money are at risk due to both fraudulent and badly designed apps that can be exploited by hackers, DCMS launched a call for views to ask the tech industry about enhanced security and privacy requirements for firms running app stores and developers making apps.
Under new proposals, app stores for smartphones, game consoles, TVs and other smart devices could be asked to commit to a new voluntary code of practice setting out baseline security and privacy requirements. This would be the first such measure in the world. The consultation closes on Wednesday 29 June.
6. Survey: cyber security as a Profession
The Global Forum on Cyber Expertise is gathering international views via a survey on developing cyber security as a profession. The survey includes questions on whether pathways for cyber professionals are clear; whether better recognised qualifications are needed to strengthen the profession and whether there should be a license to practice.
Based in the Netherlands, the Global Forum on Cyber Expertise’s mission is to strengthen international cooperation on cyber capacity building by connecting needs, resources and expertise and by making practical knowledge available to the global community.
7. “Upskill in Cyber” launches
Cybersecurity trainers SANS, in partnership with the Government, are launching Upskill in Cyber, a new free programme that aims to identify and rapidly reskill individuals for roles in cyber security in just ten weeks.
Launching on 4 July, students will undertake two SANS training courses and receive soft skills development to ensure they are immediately deployable within the cyber security workforce. Successful graduates will complete the programme with two GIAC certifications – GFACT and GSEC.
SANS are currently looking for individuals who are seeking to start a career in cyber security, whether they are currently employed in non-cyber roles or unemployed.
Applications for Upskill in Cyber close on Monday 27 June 2022. You can find further information on the programme and submit an application here.
8. Cyber Explorers Birmingham event
Last month, a DCMS-funded campaign to promote Cyber Explorers, a free, digital platform to teach 11-14 year olds cyber security skills, culminated in a Cyber Explorers Careers Fair in Birmingham.
Delivered by Niyo Enterprise, the event was attended by over 300 students from three secondary schools, and raised awareness of cyber as a potential career option and the opportunities in the sector. The young people heard speeches from Simon Hepburn, CEO at UK Cyber Security Council, as well as from a panel with representatives from Niyo Enterprise, Black Codher Bootcamp and cyber crime interns from West Midlands Cyber Crime Unit. The pupils also participated in Cyber Hunt games led by organisations such as QA, Taran3D, Metcloud, Girls Who Code and Aston University.
Niyo Enterprise said: “We can’t overstate the impact technology will continue to have on society and are proud to be doing our part to raise awareness amongst the next generation of developers, cyber security experts, and engineers. We believe that inspiring and educating girls from a young age is very important in raising aspirations for them to take on apprenticeships and even bootcamps in the future to become future tech stars.”
9. Launch of the Swindon and Wiltshire Cyber Cluster
In May, Lauren Metalle, DCMS’s South West regional cyber lead, attended the launch of the Swindon and Wiltshire Cluster. The launch was very well attended and Lauren gave a presentation on the National Cyber Strategy and our work under the Ecosystem pillar. Alan Hill from Splunk also gave a talk on organisational resilience and the cluster manager Brea Woods, gave a forward look at the activity planned for the cluster over the next few months.
You can find out more about the cluster and their work on their website.
10. Organisations offered streamlined guidance to help move to the cloud
Last month the National Cyber Security Centre released refreshed guidance to help organisations securely migrate their data and online services into the cloud.
Public and private sector organisations are increasingly utilising the benefits of cloud solutions to streamline their operations, and the updated Cloud Security Guidance has been made more accessible to meet the increasingly diverse range of organisations that are moving their operations online.
First launched in 2014, the refreshed collection combines two frameworks which enable everyone from small businesses to large enterprises to confidently ensure their current or prospective cloud service has appropriate security measures in place.
11. National Cyber Security Centre small organisations digital lofts
The NCSC are running a number of one hour webinars during June specifically aimed at small organisations to help them improve their cyber security. The courses are designed to be accessible to everyone and you don’t have to have an IT or technical background to benefit from the training.
You can register for each of the events listed below by clicking on the titles.
11.30am on Monday 13 June - Cyber Aware for Sole Traders and Micro-Businesses
Learn how to protect yourself or your small organisation online including passwords and 2-Step Verification (2SV).
11.30am on Thursday 16 June - Cyber Security for Small Organisations
How to improve your cyber security; affordable, practical advice for businesses.
1pm Wednesday 22 June - Cyber Essentials
Cyber Essentials helps you to guard against the most common cyber threats and demonstrate your commitment to cyber security.
You can stay up to date with the latest information and events from the NCSC through their Subscription Centre.