Understanding trade and cyber with a cybersecurity ambassador
The normalisation of remote and hybrid work alongside the proliferation of digital tools have introduced a “different view of attack strategies and cyber vulnerabilities of our devices and systems,” says Juliette Wilcox CMG, Cyber Security Ambassador for UK Defence and Security Exports, Department for International Trade, United Kingdom. The rapid pace at which countries are adopting technologies means that new threats are always present.
“It’s a game of Whack-a-Mole,” she says. For instance, cybersecurity agencies that have managed to secure their data via encryption may soon be threatened by the rise of quantum computing, which gives threat actors the unprecedented ability to crack encrypted data.
“Criminals who want to find data will continue to press to find a way no matter what new technology or new techniques come up,” Wilcox cautions. “Things that we have thought were secure in the past will change as technology improves.”
This is exacerbated by the continued lack of awareness and skilled talent. “Every country talks about how they don’t have enough people with skills to create and run these systems,” says Wilcox. A study by the IT certification non-profit International Information System Security Certification Consortium found that 60 per cent of organisations reported that a cybersecurity staffing shortage is placing them at risk.
Additionally, Wilcox points out that there is still a lack of general awareness on how to implement secure IT systems within organisations. She highlights a need to improve awareness of cybersecurity to the extent that it’s automatic.
One of the key sources of vulnerability at the moment is ransomware, which is a threat that is exponentially growing, according to Wilcox. A study by research firm Cybersecurity Ventures found that in 2021, the number of ransomware attacks globally nearly doubled, with the overall cost estimated to exceed US$20 billion.
Tackling the ransomware threat is a complex issue requiring both behavioural and technological approaches, Wilcox says. The UK, for instance, does not support the payment of the ransom as they believe that paying these threat actors only encourages more attacks. But not everybody takes the same approach.
“We collectively need to talk about how to impose a cost on people trying to extract ransomware and make it more difficult for them,” she says.
This is where technology can come in to support cybersecurity efforts. Tools like multi-factor authentication can make it more difficult for attackers to infiltrate; and if they do, zero trust principles can create an environment that makes it difficult for attackers to navigate the IT environment and obtain any data. Zero trust means that the software assumes every user is a threat. As a result, zero trust programmes will authenticate the identity of users at every step to ensure that they are who they say they are, and are not acting maliciously.
Trade and cybersecurity
“My key role is to promote the UK cyber industry as they export their capabilities, their products and their services globally,” Wilcox says. “We’ve done well in making sure that our industry is number two in the world, and it creates capabilities that are really worth sharing around the world and that will help to make the global environment more secure.”
This involves understanding from foreign governments what they might require in terms of technological components or services, and introducing them to the UK providers who offer those services.
“I provide opportunities for [cybersecurity providers] to have a platform to explain what it is that they’re selling, and why it’s important to the market,” she says. She also advises these organisations on how to export their products and the considerations they should have when selling to other nations.
Wilcox also makes it a point to support small and medium cybersecurity providers within the UK. “Some of our innovative companies are tiny. To grow, we need to make sure that they’ve got a market that they can sell their products on,” she says.
By helping them, the cyber industry also benefits from a proliferation of innovation, she adds.
While Wilcox’s title includes the term “cybersecurity”, she believes that her role’s importance extends beyond just the cyber industry. As the world digitalises, every sector is going to have an element of cybersecurity. “My role is to make sure that as somebody creating the next generation of hospital ventilators, for example, cybersecurity is built into it,” she explains.
A need for unified standards
There is an acceptance that second or third best solutions are not enough, Wilcox says. “You wouldn’t allow aeroplanes to fly if they had second-best wings attached to them.”
As the Cyber Security Ambassador, Wilcox relies on the agreement of international standards which ensures that cyber products will be secure, of high quality, and consistent with the standards the UK industry produces. “There is a global set of expectations that we all need to agree to and live up to and then we can create capabilities that fit behind that,” she says. “I’m the flag bearer in this area, to support the highest standards that will keep us secure.”
It’s easy to make tech products cheap, but vulnerable, Wilcox says, but that’s far from ideal. This is where Wilcox’s role as an ambassador in the Department of Trade is vital, to promote the export of reliable and credible cybersecurity products from the UK to the rest of the world.
“We believe that our products are good, so we’d quite like the world to adopt the standards that we think are appropriate,” she says.
Ultimately, cyber issues have no international borders. “If there’s a vulnerability in any one country, it infects others very quickly, including those who are not connected in any way except for a bit of software link.”
Cybersecurity is not an industry that can function in isolation, which makes Wilcox’s role as a cybersecurity ambassador all the more vital. “We are actively seeking to make sure that we’ve protected the things that we care about most, and we know that our partners and our allies care about that, too.”
Much like countries have managed to standardise aviation flying standards to achieve a baseline level of security, the cybersecurity industry needs to do the same. And trade will play a crucial role in ensuring that, Wilcox says.
Hear more from Wilcox at GovWare 2022! She will be presenting a keynote on Cyber Security, Cyber Prosperity, Cyber Power: What’s Trade Got to Do with It?, from 10am to 10.30am on 18 October at the Sands Expo and Convention Centre. Register for the event here!
This article is originally written and published by GovInsider.