BRITISH companies are facing a chronic shortage of computer security experts at a time when the threat of security breaches is as high as ever.
The comments from Sam Hutton, chief technical officer and co-founder of security firm Glasswall Solutions, came as the Queen officially opened the new National Cyber Security Centre (NCSC) in London - part of intelligence agency GCHQ.
Britain is one of the world’s most digitally dependent economies, with the digital sector estimated to be worth more than £118 billion per year.
A crippling cyber-attack on infrastructure that could turn out the lights is bad enough, but the loss of confidence in the digital economy from consumers and businesses as a result of criminals exploiting online vulnerabilities would be considerably more serious. Officials say a sustained effort is required by government and the private sector working together to make the UK the hardest possible target.
Russia has been the focus of recent concern, following claims it used cyber-attacks to interfere with the US presidential election.
Hutton told The National: “The opening of the NCSC is a vital step in the national battle against cyber-crime, recognising that it is through innovation we will defeat potentially devastating attacks on our businesses, infrastructure and government.”
However, he added: “The global shortage of cyber security professionals makes it utterly necessary that we leverage the power of our home-grown innovation to disrupt criminals and state-sponsored organisations who are manipulating everyday activities, such as the exchange of email attachments to deliver increasingly successful zero-day attacks.”
The NCSC opening heard from security officials that the dizzying array of rules on online passwords means the average internet user is being asked to remember the equivalent of a new 600-digit number every month.
One government expert described the onerous requirements on length and make-up of login codes as being “dumb”.
Tens of millions of people now use a host of web services every day, but the trend has brought with it the challenge of remembering a wide range of passwords.
Users face myriad rules including minimum numbers of letters and the use of upper and lower case characters and digits. They may also be asked to regularly change their password.
Ian Levy, technical director at the NCSC, said: “Across everybody’s private and work life, all the different services they have, all the different passwords, the average complexity and the average change interval, broadly speaking it’s the same as asking somebody to remember a different 600-digit number every month.
“When I say it’s dumb, that’s why I say it’s dumb.”
NCSC chief executive Ciaran Martin said even his top specialists would struggle to memorise a new 600-digit figure every month.
“None of my best people can do that, so we shouldn’t be telling other people to do that,” he said.
His suggestion was using password managers, which he said were “great” and made life “so much easier”.
“That’s the short-term answer to make the current pain go away. If you’ve got a vault of all your passwords, you need to remember one. It syncs across all your devices.”
In the longer term, security researchers are working towards a scenario where people will not need to use a password to access government services.
Meanwhile, the £200 million Fortis datacentre near Newhouse, North Lanarkshire - Scotland’s largest - has connected to an ultra-fast network in a landmark partnership. It has gone live through Commsworld’s gigabit capable pure fibre network between Glasgow and Edinburgh.
Why are you making commenting on The National only available to subscribers?
We know there are thousands of National readers who want to debate, argue and go back and forth in the comments section of our stories. We’ve got the most informed readers in Scotland, asking each other the big questions about the future of our country.
Unfortunately, though, these important debates are being spoiled by a vocal minority of trolls who aren’t really interested in the issues, try to derail the conversations, register under fake names, and post vile abuse.
So that’s why we’ve decided to make the ability to comment only available to our paying subscribers. That way, all the trolls who post abuse on our website will have to pay if they want to join the debate – and risk a permanent ban from the account that they subscribe with.
The conversation will go back to what it should be about – people who care passionately about the issues, but disagree constructively on what we should do about them. Let’s get that debate started!
Callum Baird, Editor of The National
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules hereLast Updated:
Report this comment Cancel