Category Archives: Internet Security

2022 cyber security incentives and regulation review – GOV.UK

1. Ministerial foreword

Julia Lopez MP, Minister for Media, Data and Digital Infrastructure

The digital age is making the world more interconnected than ever before, driving extraordinary opportunity, innovation and progress. UK businesses, organisations, and citizens increasingly operate online to deliver economic, social and other benefits. This government has committed to a pro-innovation approach to governing digital technologies, and has set out ambitions to drive use and implementation of the latest technology in infrastructure and boost cyber skills across the country.

Alongside the enormous opportunities offered by this transition comes an increased threat of cyber attack. As the digital economy is growing, so too is the opportunity for malicious actors to exploit vulnerabilities in IT systems. Recent high-profile cyber incidents where attackers have attacked organisations through vulnerabilities in their supply chains, such as SolarWinds and Microsoft Exchange, along with the notable increase in ransomware attacks on organisations and critical national infrastructure such as the Colonial Pipeline in the US, have demonstrated the disruptive potential of these threats and the real world impacts they can realise.

According to the Cyber Security Breaches Survey 2021, two in five businesses (39%) report having experienced cyber security breaches or attacks in the last 12 months. Among the businesses that identify breaches or attacks, over a quarter (27%) are experiencing these issues at least once a week. However, only half of organisations have taken any action to help identify cyber security risks in the last twelve months.

COVID-19 has increased our reliance on digital technologies and has changed the cyber security landscape. Around a quarter of the incidents the NCSC responded to in 2020 related to coronavirus.

Government, industry, academia and the public have an important role in building UK resilience to counter these risks. The challenge is to build a prosperous digital society that is both resilient to cyber threats, and equipped with the knowledge and capabilities required to maximise opportunities and manage risks. Making explicit the link between good cyber security and business resilience is crucial to our mission of keeping the UK safe and secure online.

Protecting the public, UK businesses, organisations, and critical infrastructure, will always be the highest priority of this government. This publication sets out our approach to meeting this challenge and ensuring the UK economy is resilient enough to meet the ongoing demands of a modern, digital world.

Julia Lopez MP

Minister of State for Media, Data, and Digital Infrastructure

Department for Digital, Culture, Media and Sport

The cyber threat is significant and growing, yet cyber attacks are not always sophisticated. Attacks frequently succeed as a result of poor cyber hygiene and the exploitation of known vulnerabilities. For every highly sophisticated hostile state attack such as SolarWinds, there are hundreds of low-level phishing, denial of service, and ransomware attacks. Raising cyber resilience across the economy and society, even if it is just the basics of ensuring good cyber security practices are implemented consistently, is the first line of defence against cyber attacks. The government recognises this is a complex challenge that needs the involvement of businesses, organisations and the public if the UK is to succeed in becoming more cyber resilient.

Since 2016, the government has made significant progress in tackling cyber threats and improving the resilience of the UK society and economy. Through the National Cyber Security Strategy (2016-2021), the governments efforts have been focused on addressing cyber threats to the UK. Improvements to cyber risk management have been brought about through the provision of advice and guidance from the National Cyber Security Centre, and the implementation of the General Data Protection Regulation, the Data Protection Act 2018 and the Network and Information Systems Regulations 2018. Nevertheless, a broader set of business frameworks have not yet effectively stimulated the governance and accountability needed across business to significantly improve resilience and effectively manage current and future cyber risks.

There has been an increase, across the whole economy and society, in the usage and dependence on digital services, which are employed to provide key corporate needs such as information storage, shared communications, and security. This has brought considerable benefits to industry and the UK but has also increased the breadth of cyber risks to organisations and the wider economy.

It is clear to the government that its previous approach, set out in the 2016 Regulation and Incentives Review, is not delivering the requisite change at sufficient pace and scale. Government cannot leave cyber security solely to the marketplace to deliver widespread improvements in cyber resilience. In order to improve cyber resilience across the economy and society, the government needs to be more proactive and interventionist. This paper sets out the evidence for this change in approach, and explains the proposed direction of travel for future government interventions across four key policy areas:

Foundations - the provision of advice and guidance on cyber risk management and the promotion of trustworthy services.

Capabilities - supporting skilled professionals capable of implementing advice and guidance.

Market Incentives - engaging with market actors to create incentives for organisations to invest in cyber security measures.

Accountability - holding organisations accountable for effective management of their cyber risk.

The approach set out in this Review forms part of our plan to meet the outcomes of the recently-published National Cyber Strategy which include Building a resilient and prosperous digital UK, reducing cyber risks and ensuring citizens feel safe online and confident that their data is protected.

The strategic policy framework.

Through this approach, the government will also deliver on its vision for the UKs foreign, defence, security and development policy as outlined in Integrated Reviews objective of building the UKs national resilience:

To establish a whole-of-society approach to resilience, so that individuals, businesses and organisations all play a part in building resilience across the UK. We will seek to develop an integrated approach, bringing together all levels of government, CNI operators, the wider private sector, civil society and the public.

There has been a notable global increase in ransomware attacks which can cause severe disruption to critical national infrastructure and government services. In May 2021 a ransomware attack on the Colonial Pipeline Company shut down the largest fuel pipeline in the United States for several days and led to fuel shortages across the East Coast of the country. The National Cyber Security Centre (NCSC) reported a significant rise in ransomware attacks on the UK in 2020, including an attack against Redcar and Cleveland Borough Council which cost the Council an estimated 10.4 million.

The trend suggests that attempted ransomware attacks will increase globally and in the UK, with criminals developing new techniques to circumvent cyber defences. The NCSC also identified a shift in the way ransomware attacks are carried out: rather than preventing access to data, criminals are increasingly stealing sensitive data and threatening to leak it publicly - compromising the security not just of organisations, but of individuals.

As supply chains become increasingly interconnected, vulnerabilities in suppliers products and services correspondingly become more attractive targets for attackers seeking to gain access to organisations. Recent high-profile attacks include the Kaseya global supply chain compromise in July 2021. Kaseya, an information technology solutions developer for managed service providers, was compromised when malicious actors leveraged a software vulnerability to target multiple managed service providers and their customers. It is currently estimated that between 800 and 1500 organisations were compromised by the attack. The incident demonstrates how seemingly small players in an organisations supply chain can introduce disproportionately high levels of cyber risk into the wider economy.

It is clear that organisations dependent on digital technologies are at risk of being disrupted by unforeseen incidents, both malicious and accidental. This can have a devastating impact on an organisations ability to function. It is in this context that the government sees business resilience and cyber security as intrinsically linked.

Threats are adapting in a fast-paced cyber environment, and so cyber security plans must be designed with the ability to evolve through periods of change. Cyber resilience - the ability for organisations to prepare for, respond to, and recover from cyber attacks and security breaches - is key to operational resilience and continuity, as well as the growth and flourishing of the whole UK economy as we adapt to the demands of operating online.

The government needs to look at all levels of the digital stack[footnote 1] when it comes to resilience. Cyber resilience cannot be seen simply as securing data or procuring the latest technology: it is about identifying critical services and infrastructure, assessing vulnerabilities, ensuring that the appropriate mitigations and systems are in place, and creating a supportive governance structure.

This publication provides an update of the policy areas outlined in the 2016 Cyber Security Regulation and Incentives Review as priority interventions. As we have reached the end of the 2016-2021 National Cyber Security Strategy and are starting to deliver the new 2022 National Cyber Strategy, this review lays out the current state of cyber resilience, assesses the impact of available support, and recognises the impact of existing regulation on building cyber resilience in the UK economy.

Evidence[footnote 2] suggests that government initiatives since 2016 have had a positive impact on cyber security, in particular, the implementation of the General Data Protection Regulation (GDPR) and the Security of Network and Information Systems (NIS) Directive, and the establishment of the UKs world-leading National Cyber Security Centre (NCSC). Nevertheless, evidence gathered through our annual Cyber Security Breaches Survey and our 2019 Cyber security incentives & regulation review call for evidence indicate that these efforts have not been sufficient by themselves to drive the necessary improvement in organisational cyber risk management, and to ensure the economy as a whole is adequately protected.

The government is assessing which options most effectively support the economy and society to overcome the main barriers to cyber resilience, without placing unnecessary burdens on organisations. The government aims to encourage business and organisations to effectively manage cyber security as part of broader business continuity and operational resilience risk management. In order to improve cyber resilience across the economy and society, government interventions are offered across four key policy areas:

Foundations - the provision of foundational advice and guidance which articulates cyber risk management best practice.

Capabilities - investment into training skilled professionals capable of enacting advice and guidance.

Market Incentives - engaging with market actors to create incentives which stimulate market-driven demand for organisational cyber hygiene.

Accountability - holding organisations accountable for effective management of their cyber resilience measures.

The 2016 Regulation and Incentives Review recognised that, for many organisations, lack of information can be a major barrier to action. Therefore, ahead of new requirements under the (then) upcoming GDPR and NIS Directives, the first National Cyber Security Strategy focused on preparing organisations through increased provision of support and information, in order to improve organisations capability to embed the GDPR and NIS Directive. The establishment of the NCSC was intended as a vital portal in delivering this support and information. At this stage, less explicit focus was placed on providing commercial rationales for organisational investment in cyber security.

In relation to the right mix of regulation and incentives, the 2016 Review focused on how good cyber risk management could be better embedded into corporate governance processes. Whilst there were already several proposals for regulation under consideration, the 2016 Review concluded that cyber risk management would be more effective when pursued from a positive business engagement stance, rather than instituting a culture of compliance which may not lead to transformative behaviour change. The 2016 Review therefore proposed that the NCSC engage with Boards on understanding their cyber risk and how they can improve the risk management. In response to this, and to direct engagement with Boards, the NCSC produced the Cyber Security Toolkit for Boards of all sizes to assist them in asking the right questions of the leadership teams of their organisations.

The GDPR and the NIS Directive were considered positive interventions with the potential to drive significant improvement in cyber security behaviours. However, the 2016 Review recommended their impact would necessarily be subject to regular review, noting that this assessment may lead to consideration of further government action to achieve the improvement in cyber risk management required.

Since 2016, the government, through its Cyber Security Breaches Survey has tracked the experiences of organisations with regards to cyber security breaches and attacks on an annual basis. The Cyber Security Breaches Survey 2020 found that organisations were becoming more resilient to breaches and attacks over time and that they were less likely to report negative outcomes or impacts from breaches than they were in 2016, and more likely to make a faster recovery. The Cyber Security Breaches Survey 2021 showed that some of this progress has since levelled off or in some cases deteriorated, likely as a result of businesses finding it harder to administer cyber security measures during the COVID-19 pandemic. However, overall, organisations still remain more resilient than they were in 2016.

In 2020, DCMS published The Impact of GDPR on Cyber Security Outcomes. This research focused specifically on the impact of GDPR, and similarly to the Cyber Security Breaches Survey, indicated that there have been positive changes in cyber security prioritisation and practices since the introduction of the GDPR. Since the introduction of GDPR most organisations reported that they have:

However, these improvements were not realised equally across all aspects of cyber security. More improvements were reported in relation to governance, risk management, data security and systems security, while less change was evident in relation to procurement and supply chain risk management. DCMS is consulting more broadly on reforms to data protection and UK GDPR, to keep peoples data safe and secure, while supporting growth and innovation across the UK.

Despite these improvements in organisations cyber risk management, a sizeable number of organisations that identify cyber security breaches or attacks report a specific negative outcome or impact. The Cyber Security Breaches Survey 2021 showed that 39% of businesses and 26% of charities identified that they had experienced at least one breach or attack in the last 12 months. Among those that identified breaches or attacks, one in five (21% and 18% respectively) lost money, data or other assets. One third of businesses (35%) and four in ten charities (40%) reported being negatively impacted regardless of whether they experienced a material outcome, for example because they required new post-breach measures, had staff time diverted or suffered wider business disruption.

These figures have shifted over time, with the proportions experiencing negative outcomes or impacts in 2021 significantly lower than in 2019 and preceding years. This is not due to breaches or attacks becoming less frequent but may, in part, be due to more organisations implementing basic cyber security measures following the introduction of the GDPR in 2018.

Despite these improvements, for those that experience material outcomes, the financial costs are substantial. Where businesses have faced breaches with material outcomes, the average (mean) cost of all the cyber security breaches these businesses have experienced in the past 12 months is estimated to be 8,460. The mean cost rises to 13,400 for medium and large businesses.

In addition, organisations are identifying breaches and attacks with more frequency. Among those identifying any breaches or attacks in the Cyber Security Breaches Survey in 2021, half of businesses (49%) and almost half of charities (44%) say this happens once a month or more often and around a quarter (27% of businesses and 23% of charities) say they experience breaches or attacks at least once a week.

In 2019, DCMS launched the Cyber Security Incentives and Regulation Call for Evidence to seek feedback on the core barriers organisations face in managing their digital security risks. In particular, it called on industry to identify the information and assurances that would result in organisations better prioritising and investing in the mitigation of cyber risks as part of their broader organisational resilience and business continuity.

The call for evidence was a key first step in testing our understanding of the barriers that many organisations face in managing their risks. When the government published a summary of the evidence received these barriers were outlined as:

Over 70% of respondents agreed that each of these three barriers presented a barrier to organisations managing their risk effectively. Respondents also highlighted two further barriers of:

The findings highlight that a lack of commercial rationale is a significant barrier for organisations, and was identified to be an even more severe barrier for micro and small organisations. Overall, our evidence suggests that softer levers and positive business engagement are not sufficient in themselves to transform industry behaviour to meet the increasing threat landscape.

Government must help company boards understand that cyber security is an integral component of the resilience of their business and must be part of their risk management. Their customers expect it, as do their shareholders. To manage cyber risks effectively, organisations must align cyber risk management with broader enterprise and digital risk management. Cyber security therefore needs to be incorporated into strong corporate governance procedures and board-level representation, building on and developing the existing support in place from the NCSC, BEIS and DCMS.

The governments future support to improve business cyber resilience will therefore focus on:

Our approach is to:

The four policy areas: a holistic approach

Foundations and Capabilities (P1 and P2), focus on how the government provides tools, support, and skills to businesses to help them understand how to implement cyber hygiene practices. The latter two areas, Market Incentives and Accountability (P3 and P4), concern the need to stimulate demand for uptake of these behaviours from either a market-driven or a regulatory perspective. Our holistic approach is consistent with the regulatory principles set out in the Plan for Digital Regulation, which commits the government to drawing on the full range of regulatory tools available, including industry-led or co-regulatory measures.

The inclusion of supply chain risk management as part of the Market Incentives workstream demonstrates that these pillars are designed to be mutually reinforcing. It is not appropriate to expect organisations to voluntarily change their behaviour, or for the government to pursue regulatory action, without supporting organisations with the provision of guidance and skills required to help organisations understand the incentives for behaviour change, and to effectively comply.

The following sections provide an outline of the existing and new priority policy initiatives in each of these four pillars. These sections will cover activity over the course of the next National Cyber Strategy, which is due to be published in late 2021.

When the National Cyber Security Strategy (NCSS) began in 2016, cyber security guidance and support was predominantly aimed at critical national infrastructure,[footnote 3] with limited support for the businesses in the wider economy.

Over the course of the NCSS there has been significant focus on creating accessible, tailored guidance and support for businesses to help address the barriers to taking action and protect against the most common cyber threats. To build the foundations of cyber resilience, the government has focused on three broad areas:

Raising awareness of the cyber threat.

Helping businesses know what to do (guidance, standards and frameworks).

Improving uptake of existing government support (engagement activity).

Raising awareness of the threat is an important step in the journey we want businesses to take towards action. Over the past five years, the government has run the Cyber Aware (formerly Cyber Streetwise) campaign to highlight the threat and show the public and small businesses how to protect themselves. In addition, the Police Services Protect programme brought dedicated cyber officers into all police forces, which has created the opportunity for local business engagement within regions.

As the governments centre for technical expertise in cyber security, the NCSC has now created a wide range of tailored guidance for audiences across the economy and society, including the citizen. Entry-level guidance and schemes for small businesses help protect against the vast mass of low-sophistication, untargeted cyber attacks.[footnote 4] This includes the Cyber Essentials Readiness Toolkit and advice delivered via Cyber Aware.

For larger organisations, there is a wider suite of advice to support the required spectrum of cyber risk management activities. This includes comprehensive strategies and frameworks to help firms understand the range of action they need to take, such as the 10 Steps to Cyber Security, which go beyond technical measures to include governance processes and organisational culture. A board toolkit shows how senior managers can drive cyber resilience improvements, whilst online training and incident exercising are also freely available from the NCSC.

To build on awareness of the cyber threat, distribute guidance and drive adoption of cyber security measures, the government has undertaken a significant programme of industry engagement. This includes communications, campaigns and engagement by government departments such as BEIS and by the NCSC, campaigns and outreach by law enforcement, and partnership work with industry organisations and trade bodies, such as the Federation of Small Businesses and the British Retail Consortium. A key part of this has been aligning messages to NCSC technical advice and ensuring activities are informed by insights gathered via government research, and engagement with sectors across economy and society.

Many of the foundations required to drive better cyber resilience across the economy are now in place. Government guidance has been user-tested and is well-received by industry, with the vast majority of businesses that use it saying it is useful (83% in 2020 according to the Cyber Security Breaches Survey 2020). The annual {Cyber Security Breaches Survey 2021]( shows improvement over time: 77% of businesses say cyber security is a high priority, up from 69% in 2016. Furthermore, awareness of the Cyber Aware campaign is up 13 percentage points from 21% in 2017 to 34% in 2021, with the campaign and associated engagement activities driving well over 100,000 businesses towards using the NCSCs cyber security small business guide in the past year.

However, there is some way to go before we achieve the transformation in cyber resilience across the economy which was stated as an aim in the 2016 National Cyber Security Strategy. 1.4 million UK businesses employ staff[footnote 5] and many still do not take basic protective actions: only 15% of businesses have carried out an audit of their cyber security vulnerabilities, and only 14% train their staff on cyber security.[footnote 6] Only 8% of businesses have proactively sought information or guidance from government or public-sector bodies such as the NCSC.[footnote 7] Of those who recall government communications or guidance, just 37% report making changes to their cyber security as a direct result.[footnote 8]

COVID-19 has made cyber security a harder task, particularly for the smallest businesses. New threats have been presented by the rapid adoption of new technologies and the high number of staff connecting remotely. However, in 2021 only 83% of businesses report having up-to-date malware protection (down from 88% in 2020) and only 35% are using security monitoring tools (down from 40% in 2020).[footnote 9]

The challenge therefore is to increase the reach and adoption of existing activities and guidance. The key barrier to adoption for UK organisations is the lack of commercial rationale for investment and action. The UK Cyber Survey research suggests around a half of businesses (48%) do not see cyber security as a priority or think it unlikely they would be targeted.[footnote 10] Engaging more of these businesses in getting basic protections in place is a key priority, as is moving other more engaged firms further along the journey to cyber resilience maturity.

A more active approach is therefore needed to drive faster and wider adoption of cyber resilience measures. We are exploring what government interventions will broaden the reach of existing guidance and engagement in order to make cyber security become part of the standard set of good business practices. This will require greater market intervention, in particular by exploring mechanisms for increasing business accountability.

In addition to the provision of advice and guidance, the government has developed a range of risk management and trustworthy products and services to help organisations stay safe online by incentivising them to meet defined cyber hygiene measures. These products allow organisations to demonstrate their commitment to cyber security and provide confidence to customers, investors, insurers and other stakeholders that they have taken essential steps to manage their cyber risk.

Government currently provides a number of products that enable organisations to become confident that they are protected and insured against a range of common cyber attacks, most notably Cyber Essentials and Cyber Essentials Plus. We will continue to promote their take-up and, if necessary, measures to mandate their use where circumstances warrant it.

The Cyber Essentials scheme seeks to help organisations, regardless of size, improve their cyber resilience and protect themselves against the most common internet-based threats by setting out five basic technical controls, which can either be independently audited or tested through Cyber Essentials PLUS.

Since 2014 when the Cyber Essentials scheme was launched, over 80,000 certificates [as of the end of December 2021] have been awarded to businesses, charities and other organisations across the UK. The rate of adoption is accelerating, with 26,598 certificates awarded during 2021, compared to 19,357 certificates in 2020 and 15,945 in 2019. The findings from the Cyber Security Breaches Survey 2021 also highlight that, compared to 2016, business awareness of Cyber Essentials has grown by 8 points (14% compared to 6%) while medium and large organisations are also substantially more aware of the scheme (45% and 50% respectively).

Cyber Essentials has also been an effective product for the government to target particular communities requiring urgent support to ensure they are resilient to online threats. This was demonstrated in September 2020 when the government initiated delivery of a 500,000 Cyber Essentials Covid Funding Scheme to help small and medium-sized enterprises in the healthcare and social care sectors, and their critical suppliers, to improve their digital resilience. Over 50% of organisations that were supported through the funding scheme said they would engage further with cyber security as a result of the positive experience.

In June 2020, six years after its launch, an evaluation of Cyber Essentials was conducted by Britain Thinks to review the Scheme against its core objectives to provide a baseline for assessing the impact of it in the future. While the evaluation highlighted the positive impact of Cyber Essentials overall, it also provided certain recommendations on how it could be improved.

DCMS is currently working in partnership with the NCSC to scope a range of proposals for how Cyber Essentials could be improved. These proposals take account of key insights on barriers which organisations may experience in accessing the scheme; as well as of needs across the UK economy; the evolving threat landscape; and opportunities presented by the transition of Cyber Essentials to a singular delivery partner, the IASME consortium, in April 2020. In addition, the government will continue to evaluate the effectiveness of Cyber Essentials as a tool to help manage risks in the government supply chain in terms of coverage and depth.

The NCSC has also developed the Cyber Assessment Framework, a tool for assessing cyber resilience.

The Cyber Assessment Framework is predominantly aimed at organisations that play a vital role in the day-to-day life of the United Kingdom such as those that form part of the critical national infrastructure, or are subject to certain types of cyber regulation, including the Network and Information Systems Regulations. The Cyber Assessment Framework, and associated guidance, aims to provide a systematic comprehensive approach to assessing the extent to which cyber risks to specified essential functions are being managed by the organisation responsible.

The basis of the Cyber Assessment Framework is a set of 14 principles which collectively represent a robust level of cyber security and resilience. These principles describe important outcomes that an organisation needs to achieve in order to successfully manage the risk of disruption to that organisations essential functions caused by cyber attack. Since it is not a prescriptive checklist of cyber security controls, the Cyber Assessment Framework is usable by a wide range of organisations across multiple sectors. It is best suited to larger organisations that have an established level of cyber security capability.

The Cyber Assessment Framework has been widely adopted by UK cyber regulators and is the most commonly-used method by which the cyber resilience of organisations in the UKs Critical National Infrastructure is judged. The NCSC will continue to work with Cyber Assessment Framework stakeholders to determine if sector-specific aspects of the Cyber Assessment Framework are required and, if so, to assist in introducing changes.

Although there is a wide range of existing cyber risk management certification, and assurance standards and frameworks offered by government and industry, the 2019 Cyber Security Incentives and Regulations Call for Evidence found that two thirds of respondents believed the lack of a standardised definition of effective cyber risk management was a moderate to severe barrier to organisations effectively managing their cyber risk.

In addition, insight from evidence, engagement and analysis indicates that there are a number of barriers to the take-up of existing government and industry standards and frameworks, which prevent organisations making full use of this support. These include issues of accessibility around the high cost of meeting the technical requirements of Cyber Essentials, the technical nature of the language and controls themselves, as well as concerns that existing standards are viewed as compliance exercises and therefore do not provide sufficient assurance to other interested parties that an organisation is effectively managing its cyber risk.

The call for evidence also highlighted that existing standards/frameworks are frequently viewed as unfit for purpose as they are too prescriptive and/or too basic, or at the other end of the spectrum, too vague or demanding. Respondents also noted that the complexity of the landscape caused by the multiplicity of cyber risk management standards and frameworks results in confusion as to which is most appropriate for their particular organisational risk posture. It is clear that the current standards and frameworks offer does not provide sufficient clarity in expectations around how organisations should be thinking about their cyber risk in placing it as part of wider operational resilience and business continuity.

Over the last year, DCMS has explored whether further government intervention is required to help organisations position cyber risk as part of business risk, and outline a good practice approach for embedding cyber security throughout the organisation. Our evidence suggests that a focus on improving the governance of cyber security within an organisation can often lead to the quickest improvements in overall cyber resilience, while industry-led research also indicates that there is demand for better governance of cyber security within an organisation as a recognised aspect of improving overall organisational resilience.

We will continue to work closely with the NCSC, BEIS and other relevant Whitehall departments, industry partners and academia to further collate relevant evidence and test these findings through consideration of how an increased focus on governance could be addressed within the context of cyber risk management standards and frameworks to improve take-up, drawing on a wealth of pre-existing work including the NCSCs refresh of existing risk management guidance and the industry-led Cyber Crossroads project and work on what makes a competent professional.

Over the course of the National Cyber Security Strategy, the government has built up an evidence base to better understand the cyber skills requirements of industry. This has included running the annual Cyber Skills in the UK Labour Market survey, the Cyber Security Sectoral Analysis, as well as a standalone research piece that focused on drawing out an understanding of the cyber security recruitment pool. This has provided a starting point from which to identify the needs of industry and the nuance of the issues faced, as well as an opportunity to benchmark progress against which to measure the impact of interventions over time.

The Labour Market survey reveals that 50% of all UK businesses (around 680,000 employers) have a basic technical skills gap within their organisation. This means they do not have the confidence to implement the basic security controls to keep their organisation safe in line with the requirements of Cyber Essentials. Basic security controls include the ability to carry out functions such as storing or transferring personal data securely, setting up configured firewalls, and detecting and removing malware. Further to this, 33% of all UK businesses (around 449,000 companies) are not confident in carrying out, and do not outsource, advanced technical cyber functions such as penetration testing, forensic analysis of breaches, and security architecture.

As well as highlighting the skills gap within the workforce, there is also a skills shortage and continuous demand for skilled candidates to be supplied to the workforce, in order to support organisations to carry out the range of tasks required. In particular, there were around 124,000 job postings for cyber security-related roles between September 2019 and December 2020.[footnote 11] This demand came from across the country, with specific hotspots in London, Leeds, Edinburgh, Belfast, as well as across the West Midlands and the South West. While this demand temporarily dipped at the start of the pandemic, it has broadly remained consistent throughout and indicates that cyber security is a high growth sector for the economy. There are an estimated 134,500 individuals working across the UK cyber security workforce, with around 7,500 new individuals joining each year.[footnote 12] However, this is insufficient to keep up with the increasing demand for skilled candidates: there is an estimated annual shortfall of around 10,000 individuals per year.

Further to the need for an increased supply of competent candidates, there is a clear diversity issue within the cyber sector. In particular:

In order to address this, there needs to be a consistent, quality supply of diverse talent into the field. In order to support this and stimulate an industry response to galvanise wider effort, DCMS and the NCSC have funded a number of interventions over the previous five years of the National Cyber Security Programme. This has included sustained activity aimed at inspiring the next generation of cyber security talent.

CyberFirst was launched in 2015 as a programme to identify and nurture talented students into jobs in cyber security. Initially established as a bursary scheme, the low levels of diversity among applicants meant the programme had to reach back into the education system, implementing a number of activities intended to encourage and inspire more students, especially female students, to consider a career in technology and cyber security. As well as the University bursary scheme, the programme now includes a degree apprenticeship scheme, a girls only competition, and thousands of free places on CyberFirst courses at UK Universities and Colleges.

Cyber Discovery was a gamified learning platform, running over four years and inspired over 23,000 young people every year aged between 13-18 years old to consider a career in cyber security, whilst identifying and nurturing promising talent from a young age.[footnote 13]

While this work has looked towards the future, the government has also supported the training market to develop and run ambitious programmes for adults with an interest in changing careers and bringing transferable skills to enrich the cyber talent pool now. This develops the profession, while also begins to address the skills shortage in the more immediate term. Activity in this space has included the funding of initiatives through the Cyber Skills Immediate Impact Fund, which focused on increasing opportunities across the UK for groups that are underrepresented in the cyber sector, as well as the recent Cyber LaunchPad initiative to support up to 200 individuals access cyber security learning and increase their job prospects during the pandemic. Activity to date has supported upwards of 1,000 individuals to obtain more basic level understanding in preparation for a potential career in cyber security.

However, for meaningful and sustainable change, there is a need to assure the range of degrees, certifications and qualifications in the cyber security landscape. Efforts to date have included the NCSC-led work to certify cyber security degrees across the UK to bring consistency to the higher education offerings and providing students with the confidence and understanding they need when making their study choices.

Government is therefore building on the academic excellence within the UK and looking to provide the appropriate structure to hone and encourage collaboration in this space that improves the offering across education more broadly. In December 2020, the first nine UK universities were recognised as Academic Centres of Excellence in Cyber Security Education (ACE-CSE). These institutions are recognised for delivering certified cyber security degrees, growing cyber security across the institution and engaging with their local community to promote cyber skills.

Further applicants will be considered to expand this cohort going forward. The institutions provide non-cyber security students with opportunities to learn about cyber security and interdisciplinary teams of educators that bring in other fields of study including politics, law and psychology, which is essential to expanding the consideration of cyber security beyond the sole focus of its profession alone.

Further to working with the academic institutions, the University of Bristol has developed the Cyber Security Body of Knowledge (CyBOK). This product defines and codifies the breadth of foundational knowledge needed by those working in or close to cyber security roles. It is intended that CyBOK will provide a foundation for consistency that can be mapped to all education and training offerings in cyber security, as part of bringing coherence and quality assurance to an active training market and learning landscape.

There has been, over the last five years, a huge amount of work across government, academia, industry and the professional landscape to develop the field and ensure its flexibility to adapt to the continually changing threat landscape, and with that what cyber security professionals need to know and be able to do. This has been illustrated by industry trailblazer groups coming together to draft, challenge and progress industry-designed apprenticeship standards at Levels 3, 4 and 6 that can be supported through the Apprenticeship Levy.

Continued here:
2022 cyber security incentives and regulation review - GOV.UK

Are You a Robot Interview: Decentralization of the Internet – Security Boulevard

I enjoyed speaking about an increasingly common topic (Decentralisation of the Internet) with Demetrios Brinkmann (@dpbrinkm on Twitter) on the Are You A Robot Podcast (@areyouarobotpod on Twitter).

The whole conversation is available on, as well as andhere:

Follow this link:
Are You a Robot Interview: Decentralization of the Internet - Security Boulevard

UKs Online Safety Bill falls short on protecting speech and tackling harms, warns committee – TechCrunch

Another U.K. parliamentary committee has weighed in on the governments controversial plan to regulate internet content with a broadbrush focus on safety.

The Digital, Culture, Media and Sport (DCMS) Committee, warned in detailed report today that it has urgent concerns the draft legislation neither adequately protects freedom of expression nor is clear and robust enough to tackle the various types of illegal and harmful content on user-to-user and search services.

Among the committees myriad worries are how fuzzily the bill defines different types of harms, such as illegal content and designations of harms with MPs calling out the governments failure to include more detail in the bill itself, making it harder to judge impact as key components (like Codes of Practice) will follow via secondary legislation so arent yet on the table.

That general vagueness, combined with the complexities related to the choice for a duty of care approach which the report notes in fact breaks down into several specific duties (vis--vis illegal content; content that poses a risk to children; and, for a subset of high risk P2P services, content that poses a risk to adults) means the proposed framework may not be able to achieve the sought for comprehensive safety regime, in the committees view.

The bill also creates risks for freedom of expression, per the committee which has recommended the government incorporates a balancing test for the regulator, Ofcom, to assess whether platforms have duly balanced their freedom of expression obligations with their decision making.

The risk of platforms responding to sudden, ill-defined liability around broad swathes of content by over-removing speech leading to a chilling impact on freedom of expression in the U.K. is one of the many criticisms raised against the bill which the committee appears to be picking up on.

It suggests the government reframes definitions of harmful content and relevant safety duties to bring the bill in line with international human rights law in order to try to safeguard against the risk of over-removal by providing minimum standards against which a providers actions, systems and processes to tackle harm, including automated or algorithmic content moderation, should be judged.

Even on child safety a core issue U.K. ministers have repeatedly pinned to the legislation the committee flags weaknesses in the bill that they assert mean the proposed regime does not map adequately onto the reality of the problem.

They have called for the government to go further in this area, urging the bill to be expanded to cover technically legal practices, such as breadcrumbing (aka where perpetrators deliberately subvert the thresholds of criminal activity and for content removal by a service provide) citing witness testimony which suggests the practice, while not in fact illegal, nonetheless forms part of the sequence for online CSEA [child sexual exploitation and abuse].

Similarly, the committee suggests the bill needs to go further to protect women and girls against types of online violence and abuse specifically directed at them (such as tech-enabled nudifying of women and deepfake pornography).

On Ofcoms powers of investigation of platforms, the committee argues they need to be further strengthened urging amendments to give the regulator the power to conduct confidential auditing or vetting of a services systems to assess the operation and outputs in practice; and to request generic information about how content is disseminated by means of a service', with MPs further suggesting the bill should provide more specific detail about the types of data Ofcom can request from platforms (presumably to avoid the risk of platforms seeking to evade effective oversight).

However on enforcement the committee has concerns in the other direction and is worried over a lack of clarity over how Ofcoms (set to be) very substantial powers may be used against platforms.

It has recommended a series of tweaks, such as making clear these powers only apply to in-scope services.

MPs are also calling for a redrafting of the use of so-called technology notices which will enable the regulator to mandate the use of new technology (following persistent and prevalent failings of the duty of care) saying the scope and application of this power should be more tightly defined, and more practical information provided on the actions required to bring providers into compliance, as well as more detail on how Ofcom will test whether the use of such power is proportionate.

Here the committee flags issues of potential business disruption. It also suggests the government take time to evaluate whether these powers are appropriately future-proofed given the advent of technology like VPNs and DNS over HTTPs.

Other recommendations in the report include a call for the bill to contain more clarity on the subject of redress and judicial review.

The committee also warns against the government creating a dedicated joint committee to oversee online safety and digital regulation, arguing that parliamentary scrutiny is best serviced by the existing, independent, cross-party select committees and evidenced by the work we have done and will continue to do in this area.

It remains to be seen how much notice the government takes of the committees recommendations. Although the secretary of state for digital, Nadine Dorries, has previously suggested she is open to taking on board parliamentary feedback to the sweeping package of legislation.

The report, by the DCMS Committee, follows earlier recommendations in December by a parliamentary joint committee focused on scrutinizing the bill, which also warned that the draft legislation risked falling short of the governments safety aims.

The government published the draft Online Safety bill back in May 2021 setting out a long-trailed plan to impose a duty of care on internet platforms with the aim of protecting users from a swathe of harms, whether related to (already illegal) content such as terrorist propaganda, child sexual abuse material and hate speech, through more broadly problematic but not necessarily illegal content such as bullying or content promoting eating disorders or suicide (which may create disproportionate risks for younger users of social media platforms).

Speaking to the joint committee in November, Dorries predicted the legislation will usher in a systemic change to Internet culture telling MPs and peers it will create huge, huge change to how Internet platforms operate.

The bill, which is still making its way through parliament, targets a broad range of internet platforms and envisages enforcing safety-focused governance standards via regulated Codes of Conduct, overseen by Ofcom in an expanded role including with incoming powers to issue substantial penalties for breaches.

The sweeping scope of the regulation the intent for the law to target not just illegal content spreading online but stuff that falls into more of a grey area where restrictions risk impinging on freedom of expression and speech mean the proposal has attracted huge criticism from civil liberties and digital rights groups, as well as from businesses concerned about liability and the compliance burden.

In parallel, the government has been stepping up attacks on platforms use of end-to-end encryption deploying rhetoric that seeks to imply robust security is a barrier to catching pedophiles (see, for example, the governments recently unveiled NoPlaceToHide PR to try to turn the public against E2E encryption). So critics are also concerned that ministers are trying to subvert Internet security and privacy by recasting good practices as barriers to a goal imposing child safety through mass digital surveillance.

On that front, in recent months, the Home Office has also been splashing a little taxpayer cash to try to foster the development of technologies which could be applied to E2EE systems to scan for child sexual abuse material which it claims could offer a middle ground between robust security and law enforcements data access requirements.

Critics of the bill already argue that using a trumped up claim of child protection as a populist lever to push for the removal of the strongest security and privacy protections from all Internet users simultaneously encouraging a cottage industry of commercial providers to spring up and tout child protection surveillance services for sale is a lot closer to gaslighting than safeguarding, however.

Zooming back out, there is also plenty of concern over the risk of the U.K. over regulating its digital economy.

And of the bill becoming a parliamentary hobby horse for every type of online grievance, as one former minister of state put it with the potential for complex and poorly defined content regulation to end up as a disproportionate burden on U.K. startups vs tech giants like Facebook whose self-serving algorithms and content moderation fuelled calls for Internet regulation in the first place, as well as being hugely harmful to U.K. internet users human rights.

Visit link:
UKs Online Safety Bill falls short on protecting speech and tackling harms, warns committee - TechCrunch

Exposing the Internet-Connected Infrastructure of the REvil Ransomware Gang An In-Depth OSINT Analysis – Security Boulevard

In this post Ive decided to do an in-depth OSINT analysis on the recently busted REvil ransomware gang and decided to elaborate more and emphasize on the key fact in specific how come that a single ransomware group with several publicly accessible and easy to shut down C&C (command and control) server domains including several randomly generated Dark Web Onion URLs could easily result in millions of damage and who really remembers a situation when getting paid for getting hacked including the basic principle that you should never interact with cybercriminals but instead should passively and proactively monitor them could result in todays modern and unspoken ransomware growth epidemic and the rise of wrong buzz words as for instance ransomware-as-a-corporation where you basically have the bad guys obtain initial access to an organizations network and then hold its information encryption leading us to the logical conclusion who on Earth would pay millions of dollars to avoid possible bad reputation damage including to fuel growth into a rogue and fraudulent scheme as as for instance the encryption of sensitive company information and leaking it to the public in exchange for financial rewards.

Sample REvil ransomware gang publicly accessible C&C (command and control) servers include:





Related responding IPs for hxxp://decryptor[.]cc:

2021/12/30 103[.]224[.]212[.]219

2021/10/23 198[.]58[.]118[.]167

2021/10/23 45[.]79[.]19[.]196

2021/10/23 45[.]56[.]79[.]23

2021/10/23 45[.]33[.]18[.]44

2021/10/23 72[.]14[.]178[.]174

2021/10/23 45[.]33[.]2[.]79

2021/10/23 45[.]33[.]30[.]197

2021/10/23 96[.]126[.]123[.]244

2021/10/23 45[.]33[.]23[.]183

2021/10/23 173[.]255[.]194[.]134

2021/10/23 45[.]33[.]20[.]235

2021/10/23 72[.]14[.]185[.]43

2021/10/08 78[.]41[.]204[.]37

2021/10/03 209[.]126[.]123[.]12

2021/09/24 78[.]41[.]204[.]28

2021/09/03 209[.]126[.]123[.]13

2021/08/19 78[.]41[.]204[.]38

2021/08/02 81[.]171[.]22[.]4

2021/07/27 81[.]171[.]22[.]6

2021/04/17 103[.]224[.]212[.]219

2020/11/10 45[.]138[.]74[.]27

2020/11/04 45[.]138[.]74[.]27

2020/09/14 136[.]243[.]214[.]30

2020/09/06 136[.]243[.]214[.]30

2020/08/30 212[.]22[.]78[.]23

2020/08/23 212[.]22[.]78[.]23

2020/07/30 212[.]22[.]78[.]23

2020/07/24 212[.]22[.]78[.]23

2020/07/07 212[.]22[.]78[.]23

2020/05/30 193[.]164[.]150[.]68

2020/05/20 193[.]164[.]150[.]68

2020/05/10 194[.]36[.]190[.]41

2020/05/08 194[.]36[.]190[.]41

2020/04/29 194[.]36[.]190[.]41

2020/04/06 194[.]36[.]190[.]41

2020/02/17 94[.]103[.]87[.]78

Related responding IPs forhxxp://decryptor[.]top (185[.]193[.]127[.]162; 192[.]124[.]249[.]13; 96[.]9[.]252[.]156):

2021/07/12 45[.]9[.]148[.]108

2020/09/18 185[.]193[.]127[.]162

2020/09/15 185[.]193[.]127[.]162

2020/08/07 185[.]193[.]127[.]162

2020/01/16 162[.]251[.]120[.]66

2019/12/23 45[.]138[.]96[.]206

2019/12/12 107[.]175[.]217[.]162

2019/10/07 96[.]9[.]252[.]156

2019/09/04 96[.]9[.]252[.]156

2019/07/15 91[.]214[.]71[.]139

Related MD5s known to have been involved in the campaign:

MD5: 57d4ea7d1a9f6b1ee6b22262c40c8ef6

MD5: fe682fad324bd55e3ea9999abc463d76

MD5: e87402a779262d1a90879f86dba9249acb3dce47

MD5: 4334009488b277d8ea378a2dba5ec609990f2338

MD5: 2dccf13e199b60dd2cd52000a26f8394dceccaa6

Stay tuned!

Read more from the original source:
Exposing the Internet-Connected Infrastructure of the REvil Ransomware Gang An In-Depth OSINT Analysis - Security Boulevard

ESET picked for its Advanced Threat Protection solutions – Trade Arabia

ESET, a global leader in cybersecurity, has been awarded top marks for its business and consumer offerings in two separate AV-Comparatives tests relating to Advanced Threat Protection.

The ESET Protect Cloud solution ranked at the top among competitors in the AV-Comparatives Advanced Threat Protection Test Enterprise, and ESET Internet Security for consumers was a high achiever in the AV-Comparatives Advanced Threat Protection Test Consumer.

AV-Comparatives, a leading independent testing organisation, well-known for offering innovative real-world environment testing, has subjected ESETs enterprise solution to hacking and penetration techniques that allow attackers to access internal computer systems and which mimic threats used in the real world.

ESET Protect Cloud came out of this rigorous testing with AV-Comparatives certification for Advanced Threat Protection, which is awarded to products that pass, and in ESETs case the product not only passed but also achieved the top results among its peers, being the only solution that detected 14 out of the 15 attack scenarios.

ESETs consumer solution was also put through rigorous testing in a separate AV-Comparatives test, which aimed to uncover how well the solution can protect the end user rather than simply detect threats. ESET Internet Security achieved solid marks for its protection and was awarded the Advanced Threat Protection certification Advanced+ level.

Juraj Malcho, ESETs Chief Technology Officer commented on the achievement: No cyber security solution is perfect but at ESET we always strive to be the best, and we are very happy to see that a highly respected independent testing organisation like AV-Comparatives confirms that we are delivering on our promise.-- TradeArabia News Service

Continued here:
ESET picked for its Advanced Threat Protection solutions - Trade Arabia

Internet Security Global Opportunity Analysis and Industry Forecast 2021-2029 Discovery Sports Media – Discovery Sports Media

The objective of this report is to provide a global, regional and national assessment of the Internet Security market potential and existing products, services, and future market sizes. It is crucial because the Internet Security market varies substantially in terms of regional characteristics and depending on the technology in question.

Get a Sample Copy of this report at:

Many employees from well-known companies have been interviewed through telephone conversations to extract and analyze the sources of information collected. In addition, a brief study of the major players operating in the Global Internet Security Market was also undertaken. For data extraction, preliminary assessments are made with executives and players in the industry, and the future of significant players is studied and analyzed.

This research study analyzed the status of the company, which is divided into application width, bottom line, product type, and competition level. It describes how COVID-19 will affect the amount of money they receive, the amount of money they receive, and the expected growth rate for each group. The Internet Security study gives an industry analysis based on a detailed evaluation of market dynamics and the Markets top suppliers. Based on the information received, the in-house analysis provides accurate data details and minimizes exposure.

Ask for Discount:

Internet Security Market Leading Companies:

Type Analysis of the Internet Security Market:

Application Analysis of the Internet Security Market:

Inquiry before moving ahead with this premium Report:

Key Highlights of the Report:

This study provides an overview of the Internet Security global market as well as current trends as well as future prospects to identify upcoming investment portfolios. Internet Security marketing analysis supported by historical, current, and company plans with market size information supported by data in value and volume, wherever it is located.It is expected that industry-leading factors and manufacturers will influence the industry from now on. The introduction of the Key Strategy Marketing and Key Marketing Channel is welcomed in the market Internet Security Market Attractiveness Analysis and Key Investment Opportunity Analysis in the Market in the future Technological Roadmap, Patents Analysis, Potential Substitutes, and Technical Analysis

About Us:

We at QYReports, a leading market research report publisher cater to more than 4,000 prestigious clients worldwide meeting their customized research requirements in terms of market data size and its application. Our list of customers include renouned Chinese companies multinational companies, SMEs and private equity firms. our business study covers a market size of over 30 industries offering you accurate, in depth and reliable market insight, industry analysis and structure. QYReports specialize in forecasts needed for investing in an and execution of a new project globally and in Chinese markets.

Contact Us:

Name: Jones John

Contact number: +1-510-560-6005

204, Professional Center,

7950 NW 53rd Street, Miami, Florida 33166

View original post here:
Internet Security Global Opportunity Analysis and Industry Forecast 2021-2029 Discovery Sports Media - Discovery Sports Media

The Product Security and Telecommunications Infrastructure Bill 2021-22 – House of Commons Library – Commons Library

The Product Security and Telecommunications Infrastructure Bill has its second reading on 26 January 2022.

The Bill would:

Information about the Bills stages and related publications is provided on the Parliamentary Bill page.

Part 1 of the Bill relates to powers to introduce mandatory security requirements for connectable products such as smart phones, smart TVs and connected speakers. These products may also be described as smart devices, or internet of things (IoT) devices.

Connectable products are required to meet certain safety standards, but there are currently no mandatory security requirements. There is growing concern about the risks to consumers associated with some of these products, through breaches in safety and privacy and their potential for use in wider cyber-attacks.

The Government published a voluntary Code of Practice for Consumer IoT Security, in 2018. It provided manufacturers and others with guidance (13 principles) on good practice to ensure connectable products were secure.

In response to poor uptake of the Code of Practice and continued risks to consumers, the Government consulted in 2019 on introducing mandatory security requirements for connectable products. Legislative proposals were consulted on in 2020.

The Bill would provide regulation-making powers for the Secretary of State to introduce security requirements for connectable products sold in the UK.

The Government has said that it intends the following products to be affected by the Bill:

Some products would be excluded, such as smart meters, medical devices, vehicles and smart chargepoints (for electric vehicles).

The Government said it will use the powers under clause 1 of the Bill to introduce the top three guidelines from the Code of Practice:

It would also place duties on manufacturers, importers and distributers of these products to ensure compliance with the statutory requirements and to take action where a compliance failure has occurred.

The Bill sets out a number of enforcement measures that could be taken when there is a breach of compliance. For serious issues of non-compliance, the Bill sets the maximum penalty at 10 million or 4% of the companys worldwide revenue.

Part 2 of the Bill would make changes to the electronic communications code (ECC). The ECC is the main law that governs the rights of telecoms companies to install infrastructure on land, UK-wide.

The ECC was significantly reformed in 2017. This included changes to rights to upgrade and share infrastructure and changes to dispute resolution processes. It also included changes to how land is valued when determining rent for hosting telecoms equipment under a court-imposed agreement.

Reforms to the ECC have always been highly contested, with often strongly opposing views between telecoms operators and site providers (landowners). The Government has to strike a difficult balance between ensuring digital connectivity is widely available while property rights are respected.

The land valuation reforms have been particularly controversial, with reports thatrents for hosting telecoms equipment have reduced, in some cases dramatically. The ECC is said to be causingdelays to infrastructure roll-out through lengthy negotiations and legal proceedings.

The Governments consultation that informed the Bill did not revisit the topic of land valuation.

The Bill aims to encourage faster and more collaborative negotiations for the installation and maintenance of telecoms equipment on private land. The Government says this would help ensure the efficient roll-out of digital infrastructure such as gigabit-broadband and 5G.

The main changes the Bill would make include:

Telecoms operators and site providers had opposing views on most of the above changes, with telecoms operators agreeing that changes should be made and most site providers disagreeing.

The Bill would apply to all of the UK.

Here is the original post:
The Product Security and Telecommunications Infrastructure Bill 2021-22 - House of Commons Library - Commons Library

CipherTrace CEO David Jevans Named to 2022 Wash100 for Leading Digital Currency Innovation, Driving Blockchain Technology & Security -…

David Jevans, CEO of CipherTrace was named to the list of 2022 Wash100 Award recipients, the most coveted award in all of government contracting (GovCon), for his visionary leadership as Cipher Trace CEO as well as driving innovative blockchain capabilities and being one of the first to adopt cryptocurrency in the late-90s.

Executive Mosaic is pleased to recognize Jevans as a Wash100 winner for the first time in his long career in industry and cryptocurrency. Visit to cast a vote for David Jevans as one of your TEN votes to advocate for your favorite leaders in the federal and government sectors.

In addition, Jevans will act as a panelist at the Potomac Officers Clubs Digital Currency and National Security Forum on Thursday to give his perspective on the potential implications, risks, challenges and opportunities digital currencies pose to the future of U.S. economy and national security along with several other crypto experts and industry leaders.

Visit to learn more about the future of decentralized cryptocurrency from industry leaders like David Jevans who has been involved with digital currencies since the late-90s. Click here to register for Thursdays Digital Currency and National Security Forum.

During an appearance on CNBCs Squawk on the Street, Jevans detailed the challenges of maintaining crypto hygiene and provided an introduction to CipherTrace as a market leader in blockchain and cryptocurrency anti-money laundering software.

At CipherTrace, we provide a capability to effectively de-anonymize, not at the individual level, but to track the funds all the way from crypto exchanges through banks, Jevans explained. We look at money laundering services, criminal activity, ransomware, and we help companies, banks, cryptocurrency exchanges, government regulators or law enforcement, to keep the bad guys out of the system.

More recently, CipherTrace was acquired by Mastercard in order to create an integrated offering that combines AI, cyber and blockchain capabilities to provide businesses with greater transparency to identify and understand the risks and manage compliance obligations. Since the acquisition, Jevans has joined Mastercard as an executive vice president to continue the mission.

Back in July, CipherTrace began a partnership with BAE Systems Applied Intelligence to integrate the companys market-leading cryptocurrency intelligence software and transaction risk rating with BAEs NetReveal transaction monitoring solution.

The combination offers financial institutions additional protection from cryptocurrency laundering risks and crypto-related threats, while providing detailed information that can be used to achieve regulatory compliance.

Identifying risky crypto transactions using blockchain analytics services and flagging cross border payments to offshore VASPs are now a business imperative, Jevans elaborated. CipherTraces technology allows financial institutions and cryptocurrency exchanges to detect unauthorized money movements and helps to prevent potential sanction violations.

As an industry expert on cybersecurity, blockchain security, internet fraud and more, Jevans is an elite leader and is a pivotal driving force to lead CipherTrace with strong growth, top-name customers and a wide range of capabilities in cyber, eCrime and will continue to be one of the first and most significant drivers of blockchain across the federal sector and other critical areas.

Executive Mosaic is proud to recognize CipherTrace and David Jevans for being named a 2022 Wash100 Award recipient. As a first-time winner of the most coveted award in GovCon, Jevans has demonstrated a level of success and recognition that can only be recognized by the Wash100 Award and the GovCon community.

Visit to vote for David Jevans and others who you believe deserve the recognition as the most significant leader to the GovCon community and federal landscape.

View original post here:
CipherTrace CEO David Jevans Named to 2022 Wash100 for Leading Digital Currency Innovation, Driving Blockchain Technology & Security -...

How gangs are using spoof applications to dupe people – Hindustan Times


Members of several gangs posed as bank executives and duped at least 200 people across Haryana in the last two months on the pretext of increasing their credit card limits by using call spoofing applications, said police.

Police said similar cases were registered at Gurugram, Faridabad, Palwal, Nuh, Rewari, Hisar, Jind, Rohtak and Sonipat. They are still investigating over 400 complaints. Cyber crime police stations in all districts have written to banks and application developers to ensure safe and secure transactions but the process is taking time, said police.

Commissioner of police KK Rao said that victims believed the perpetrators because they used spoofing apps to make it seem like they were calling via banks real customer care numbers. People shared their credit card details and one-time passwords (OTP) with the perpetrators, who then transferred money from the victims bank accounts to their own, and withdrew it from different locations so that they could not be identified. The process of obtaining the perpetrators IP addresses and mobile locations is taking time, because of which the registration of several cases is getting delayed, he said.

Rao added, The suspects are using spoof applications such as X-lite, Eyebeam and Indicall and posing as bank officials, telecom executives and insurance agents to dupe people.

NK Singh, a senior manager with an automobile company and a resident of Sector 57 in Gurugram, said that he was duped of 1.75 lakh after a man posing as a bank executive offered to redeem points on his credit card and offered him an iPhone 13 Pro Max. I was on my way to a meeting and was in a hurry when the bank executive called me. He informed me that I had been offered the latest mobile phone and they want to send it to my house. I shared my address and he asked me to verify the credit card details. While on call, I received an OTP which he asked me to share with him and before the call got disconnected money was transferred from my savings account, he said.

In another incident, a 40-year-old woman was duped of 1.50 lakh after she shared the details of her bank account and OTP with a man posing as a bank executive. I received a call on December 15 from a man who introduced himself as a bank executive and offered me a free holiday package. It was a 15-minute call, I shared the OTP I received and 1.50 lakh was transferred from my account, she said.

The Gurugram Police have arrested over 55 members of at least six different gangs from Rajasthan, Uttar Pradesh, Madhya Pradesh, Bihar, Jharkhand, Telangana, Delhi and Nuh in the last two months in connection with similar cases.

According to police, during questioning, most suspects revealed they used different modus operandi to dupe people using spoof applications and emails. In many cases, they use mobile apps to create spoof emails supposedly sent by telecom providers, banks or social media sites. Once a user clicks on a link provided in the email, they are then susceptible to fraud.

In several cases, perpetrators also used the names of well-known placement companies and matrimony sites to dupe unsuspecting victims.

We received over 200 complaints whereing victims said they were duped on the pretext of jobs, loans and dating offers via emails. We tracked the emails and found that all the companies in question had no information about such mails being sent out. A thorough check revealed that the fraudulent mails were being sent with the help of spoofing apps, said Narender Kadiyan, Faridabad deputy commissioner of police (crime).

Police said it is convenient for perpetrators anywhere to send an email to anyone from any ID.

Narender Bijarnia, the superintendent of police (SP), Jind, said that perpetrators target victims after scanning their details and grievances on social media accounts and take advantage of their concerns and call them using spoofing apps. At times people post their bad experience son social media regarding banks, companies or loan issues. Perpetrators note the details and call the victims from a toll-free number posing as bank executives from the credit card division or senior managers of job portals, he said.

He added that victims follow their instructions and lose money from their accounts.

Commissioner Rao said: Perpetrators make spoof calls using X-lite and Eyebeam--these two apps are very popular these days. They display actual toll-free numbers of banks so that if anyone checks on the Internet, they assume it is a genuine call, he said.

According to cyber experts, hackers use several methods to steal victims money. Using spoofing applications is one method. There are also other applications such as Easy Loan- the moment you install the app, all your personal data is stolen from your device, including contacts and photos, which can then be misused to extort money. Also, by using screen-sharing apps such as Anydesk or Team Viewer, anyone can try to steal your OTPs, etc. from your device. They can also ask you to install apps such as SMS Forwarder, which automatically gives your OTP to hackers. Stay safe and call 155260 in case of any monetary loss or log on to, said Rakshit Tandon, a cyber security advisor.

Police said they have been spreading awareness and have asked people not to share their OTPs with anyone as no bank or insurance company asks for it.


Leena Dhankhar has worked with Hindustan Times for five years. She has covered crime, traffic and excise. She now reports on civic issues and grievances of residents....view detail

How gangs are using spoof applications to dupe people - Hindustan Times

Neenah schools will be closed Tuesday because of a ‘technology security situation’ that shut down internet, phone systems – Post-Crescent

NEENAH All Neenah Joint School District schools will be closed Tuesday because of a "technology security situation."

According to a letter from the district, the security situation "involves potential unauthorized access to the school data system" that caused an outage of the internet, phone systems and several software applications.

At this point, the district has no reason to believe any confidential or personal information was compromised, the letter said.

After the district discovered the issue, it notified local and federal law enforcement and brought in cyber security experts to begin a forensic investigation, the letter said.

The district hopes to have phones and other systems working again by Wednesday so students and staff can return to school, but students will likely work "in a non-digital environment, possibly into next week."

This story will be updated when more information becomes available.

Reach AnnMarie Hilton at or 920-370-8045. Follow her on Twitter at @hilton_annmarie.

See the rest here:
Neenah schools will be closed Tuesday because of a 'technology security situation' that shut down internet, phone systems - Post-Crescent