UK cyber skills, supply chain security, ransomware top of National Cyber Advisory Board agenda

UK cyber skills, supply chain security, and businesses’ awareness of cyberattacks were top of the agenda in the second meeting of the National Cyber Advisory Board (NCAB), the UK government has revealed. The meeting took place in April at CyberUK, the government’s flagship cybersecurity conference in Belfast, and was co-chaired by the Deputy Prime Minister and Chancellor of the Duchy of Lancaster, Oliver Dowden, and CIO at Lloyds Banking Group UK, Sharon Barber.

The NCAB is a forum for a more inclusive and engaged national dialogue on cybersecurity, bringing together leaders from UK academia, industry, and the third sector. The government launched applications for the NCAB in May last year, with its first meeting taking place in London in November. In its second meeting, the board reflected on the UK’s achievements since the launch of the National Cyber Strategy and how it can inform the government’s approach to ransomware, which remains a significant national security threat.

Members of the NCAB include senior representatives from organisations including the UK Cyber Security Council, Tech UK, Google Cloud, ASOS, Vodafone, and Microsoft.

NCAB targets cybersecurity recruitment, standardised supplier security, cyber resilience

The NCAB discussed progress against its three areas of priority focus, driven through NCAB working groups on cyber skills and diversity, risk and crisis management, and supply chains, composed of NCAB members and government, according to a UK government posting. These were:

• Build cyber skills throughout the economy by introducing better recruitment practices such as standardised job specifications, and exploring how to accelerate the development of entry-level talent.
• Strengthen the security of supply chains, an area critically needing cross-industry improvement, and improve efficiency in the assurance process, through standardised supplier questionnaires.
• Increase businesses’ awareness of the risks posed by cyberattacks to drive greater action on cyber resilience.

The NCAB said it expects to announce progress and actions in these areas at the next meeting, scheduled for October 2023.

Government, business cooperation key to tackling UK’s shared cyberthreats

The second meeting of the NCAB demonstrated the value of cooperation between the government and businesses, said Barber. “Working together to combat the shared threats we face helps to ensure the UK remains a safe place to invest and do business. The board encourages businesses to get involved with one of the many brilliant initiatives taking place across industry to strengthen our national cyber ecosystem and build the UK’s cyber resilience.”

Cybersecurity partnerships between government and industry must go further than they have previously to help keep the UK secure and address evolving cyberthreats, according to UK security minister Tom Tugendhat. Tugendhat spoke in the opening keynote on day two of the CyberUK conference in April, stating that whilst recent government-industry partnerships have been effective in tackling diverse cyber risks, more work is needed to keep pace with a changing threat landscape.

Tugendhat highlighted three specific areas where new focus is needed to build an all-round ecosystem of cybersecurity built on the UK’s leading education, expertise, technology, and cyber capabilities. They are prevention, bolstered defences, and new technology.