back to article UK.gov unveils cyber security export strategy – only thing missing is the strategy

The UK government has published a details-light "cyber security export strategy" intended to help local SMEs win contracts abroad - despite having struggled to boost its own spend with small businesses. International Trade Secretary Liam Fox, who resigned in disgrace as Defence Secretary under David Cameron, strangely pointed …

  1. Anonymous Coward
    Anonymous Coward

    Why would anyone else trust UK cybersecurity firms?

    Given the government's stated objective to record every packet on the internet for storage and analysis, why would anyone trust cyber-security products and services from the UK?

    1. Dan 55 Silver badge

      Re: Why would anyone else trust UK cybersecurity firms?

      Don't forget providers can be forced to install near-realtime not-really-backdoors, which the ECJ deems illegal.

    2. Nick Kew

      Re: Why would anyone else trust UK cybersecurity firms?

      Companies aren't the same as government. I wouldn't let a company's nationality have very much effect on whether I trust them. I'd put much more weight on management and track record.

      And I'd be inclined to treat politicians acting against a security company as a vote of confidence in a company that isn't their puppet. C.f. Kaspersky.

  2. Anonymous Coward
    Anonymous Coward

    world leading? If i'm needing to learn the latest way to exploit or ideas its normally on a russian or chinese forum. I dont go to confererences... bad things happen there like free gifts of wrist ornamentation.

    I dont recall the last time i paid much attention to anything security-wise in the uk.

  3. Anonymous Coward
    Anonymous Coward

    If the UK is not in favour of privacy and security for its own citizens, why would they provide that to someone else?

    1. BebopWeBop
      Pirate

      Ah but you seem to forget that the UK is very much in favour of enabling exports of tools that allow the oppression of others - for examples see

      https://motherboard.vice.com/en_us/article/mgbba4/the-fight-to-uncover-spyware-exports-to-repressive-regimes

      https://www.newstatesman.com/politics/uk/2017/09/uks-complicity-helping-oppressive-governments-goes-well-beyond-arms-sales

      So maybe not so 2 faced after all for a change.

  4. Anonymous Coward
    Anonymous Coward

    Just two things

    (1) Export controls, as controlled by DTI's Export Control Joint Unit. (2) On a positive note, if they can just get their shit in the same sock, Blighty would really have something there. Given that everyone seems equally incompetent in this field of endevour, I'm not going to hold my breath here.

    Aside: Just once I'd like to read something that recognizes the fact that security is multifaceted. Physical, network, endpoint and personnel either reinforce each other or leave a gaping whole to be exploited. It's something I thought about a lot in the military while armed. And since, though unarmed now. {Sigh}

    1. Sir Runcible Spoon

      Re: Just two things

      Some of us do consider all the various facets as they relate to securing assets. The many layered onion and all that - all of which is to slow down an attacker, get visibility of the breach earlier etc. so that you can take measures to stop it and then plug the gap.

      No such thing as a perfect system, but you can make it like molasses. What annoys me is when someone wants to remove one of the layers because it doesn't offer enough 'benefit', even though the effort required isn't massive to implement - and all because it's 'non-standard'*.

      *There is the counter-argument that non-standard implementations can lead to fragmentation of effort and understanding, thus leaving gaping holes in your processes and maintenance, so I would never suggest non-standard unless there is a team to handle all the little foibles and retain knowledge etc.

  5. Anonymous Coward
    Anonymous Coward

    The Russians.

    Every time a British politician says something about "cyber" and the "intertubes" ;)

    They must be ROFL.

    Along with everyone else.

    1. Kane
      Boffin

      Re: The Russians.

      "Along with everyone else."

      And all the necessary #hashtags.

  6. Anonymous Coward
    Anonymous Coward

    More "world class" IT

    I feel safer already.

    More like, they have a different definition of "world class" to everyone else on the planet. Maybe in this post-truth world they're using the Alice in Wonderland dictionary...

    1. Teiwaz

      Re: More "world class" IT

      More like, they have a different definition of "world class" to everyone else on the planet. Maybe in this post-truth world they're using the Alice in Wonderland dictionary...

      Of course the UK are World class, there's only one world, and nothing is said about where in the class ranking they are.

      I can claim a degree and a number of other qualifications without alluding to my bottom ranking whatsoever.

      Just as if were I an olympian I might claim runner-up status while actually coming in last...

      1. Dodgy Geezer Silver badge

        Re: More "world class" IT

        ...Just as if were I an olympian I might claim runner-up status while actually coming in last......

        Actually, coming last in an Olympic heat still means you're pretty good at your speciality. You don't get to compete unless you are top-class....

        1. Anonymous Coward
          Anonymous Coward

          Re: More "world class" IT

          >Actually, coming last in an Olympic heat still means you're pretty good at your speciality. You don't get to compete unless you are top-class....

          Or from a country with low standards for entry or very few participants in the sport and hoping to build popularity of that sport in that part of the world - Eric the Eel, Eddie the Eagle (not quite the same), etc.

        2. Rich 11

          Re: More "world class" IT

          You don't get to compete unless you are top-class..

          Or at the very least have access to the right drugs.

  7. 27escape

    Curate and showcase

    hmm, call me a cynic but I guess the smaller outfits will not get a mention then unless they are going to spend big to 'support' the various missions

  8. Anonymous Coward
    Anonymous Coward

    wonder which of the promoted companies

    are a front for GCHQ

    1. conscience
      Black Helicopters

      Re: wonder which of the promoted companies

      If you meant the start-up accelerator that GCHQ is pumping money and expertise into, then these are some of them:

      - - - -

      Seven startups were whittled down from 50 entries in total, and these were CounterCraft, Cyberowl, Cybersmart, Elemendar, Spherical Defence, StatusToday and Verimuchme.

      Verimuchme is a digital wallet for personal identification, while Cyberowl is an early-warning system for cyber attacks. Cybersmart automates implementation, certification and compliance across security standards. Elemendar is described by Wayra as a "collective intelligence platform that provides data visualisations to make sense of complex, uncertain, or volatile issues". Spherical Defence a "banking API intrusion detection system that uses deep learning to detect hacking attempts by establishing a baseline of normal communication".

      StatusToday is a platform that uses machine learning to try to make sense of human behaviour in the workplace, including insider attacks but also defending against plain human error. Speaking with Techworld, StatusToday's cofounder Ankur Modi said that the incubator had been essential in advancing his business.

      "The incubator was an interesting experiment for us," Modi said. "As a very young startup in the UK, we have been very keen to engage with GCHQ to understand how to mature the technology and the business.

      "One of the things it's helped us with is we got access to very senior experts within GCHQ, both technical and commercial, who helped us refine the technologies. Our machine learning capabilities, I would say, certainly have improved as a result of the conversations and discussions we've had with them – around what are the things that really matter when it comes to threat and risk, and what are the things that don't have that big a damage impact."

      https://www.techworld.com/security/gchq-startup-cyber-accelerator-aims-bring-fresh-ideas-into-razor-wired-doughnut-3656934/

      - - - - - -

      The second tranche of GCHQ-selected infosec startups has told the government that Britain should emulate the model it applied to encouraging the growth of homegrown fintech startups to cyber security.

      Meet the startups

      This is the second round of the joint GCHQ and Wayra accelerator programme, and the first time some of the startups will be hosted at the NCSC's location in Victoria, rather than behind the wire at GCHQ's headquarters in Cheltenham. The first cohorts raised £3 million in funding in total following the launch of the scheme in April this year.

      The nine startups include a business that tracks the illicit trading of cryptocurrencies such as bitcoin called Elliptic, a software-as-a-service learning platform designed to help developers write secure code called Secure Code Warrior, and ExactTrak, that provides tracking technology integrated at the chip level and counts AMD as a customer.

      The other startups are Cybershield, Intruder, Ioetec, RazorSecure, Trust Elevate, and Warden, spanning spearphishing prevention, through to age verification for young adults and children online.

      Wayra director Gary Stewart said that although the UK ranks an admirable third in worldwide cybersecurity investment, the NCSC and Wayra believe "we can do even better". The project is unique in that it is an open partnership with the secret services.

      https://www.computerworlduk.com/security/gchq-backed-accelerator-startups-tell-uk-gov-give-cyber-fintech-treatment-3668761/

  9. Milton

    Words Vs Deeds

    Politicians will say anything, and the astonishingly thick Liam Fox has a track record second to none for spouting self-important nonsense. With the current Tory administration infected by such conspicuous clowns and buffoons as BoJo, Davis and May herself, not to mention the usual retards like IDS, Leadsom, Paterson, the only thing they have is blather and lies.

    The idea that anyone of them has more than the most simplistic grasp of IT/net security is hilarious.

    So why take anybody their pompous bloviating seriously? They're just idiot, incompetent windbags.

    Watch only what they do. For what they say is ... worthless.

    1. Roj Blake Silver badge

      Re: Words Vs Deeds

      Yep, the Tories can't even get their own MPs (Green and Dorries to name but two) to keep their passwords to themselves.

  10. Anonymous Coward
    Anonymous Coward

    its a matter of trust

    Do you trust the people who encouraged the harvesting of FB data for political means and illegally shares medical records to track immigrants or not?

  11. amanfromMars 1 Silver badge

    "Curiouser and Curiouser", said Alice

    The UK government has published a details-light "cyber security export strategy" intended to help local SMEs win contracts abroad

    Details .... [from Cyber Security Export Strategy]

    The cyber security export strategy outlines the Department for International Trade’s (DIT) new approach to supporting the UK’s cyber security sector.

    This strategy sets out how the UK government will strengthen support to the UK’s world leading cyber security firms with a focus on priority markets and sectors.

    It will deliver a tailored experience for overseas buyers based on trusted insight, and help UK cyber security companies showcase their capability to find and secure opportunities to export.

    Who is/are the author/authors of the details-light "cyber security export strategy", the de facto wannabe classy world leaders in a novel crucially important and vibrant vital field of unusual and even supernaturally unnatural and alienating APT ACTivity? Anyone who isn't Anonymous and Speechless ..... like those Serial Faceless Phishing Mandarins so Beloved of Whitehalls and Westminster type Palaces?

    Here is a Global Export for them to try out their new strategies on .....

    Anonymous said...

    please stay calm

    just one

    why don't YOU understand?

    it's pure quantum state

    Who doesn't understand whenever so much on the true nature of pure quantum state is freely shared here.

    And staying calm is both Easy and Exciting in Becalmed Sees/Systems Ignorant of Stealthy Infiltration and Captivating Invasion, whenever so much on the true nature of pure quantum state is freely shared here.

    What do you know of NEUKlearer Fusion with Fission AI HyperRadioProACTivatedD.

    An Almighty Powerful Energy Source and Force, Anonymous. ...... Legion and Legendary and for Exploding onto Scenes in a Series of Controlled Chain Reactions to Flash Crash BetaTest Trash Markets and Lashed Together Operating Systems?

    Is that also your similar understanding?

    26 March 2018 at 20:00

    And, as it be UK Bred and Watered, would it be only fair and right proper to Offer an effective Government there every right to refuse and decline purchase of Almighty Powerful Energy Source and Force Programs and Projects and thus aid its Onward Flight to Ever More Exotic and Erotic Locations in Heavenly Destinations cleared of any suggestion of high treason with the stealing of Invaluable Intelligence Crown Jewels .... for that be the Simplest and Most Effective Strategy for Second and Third Party and Government Leverage with Command and Control.

    And as you may suspect and expect, such Advanced IntelAIgent Cyber Secured Systems of Sublime Operation are never going to be cheap to purchase/lend lease, but you can be sure that without them will the alternative cost and price to be paid for defence against such AICSSystems of Sublime Operation and a Series of Controlled Chain Reactions to Flash Crash BetaTest Trash Markets and Lashed Together Operating Systems be horrendously expensive ... and that perversely DOES make their purchase cheap at whatever the price to be paid. And credited and transferred with full personal control of spending to whose bank account would be quite telling, although that may be deemed TS/SCI Strictly Need to Know COSMIC Information ..... and Highly Dangerous to Know.

    The Internetworking of Things has certainly changed Everything Radically and Fundamentally, hasn't it? Of that is there no Doubt.

    1. amanfromMars 1 Silver badge
      Mushroom

      Re: "Curiouser and Curiouser", said Alice

      And something of note, El Regers, for Prime El Reg Prize Journalism to Report on and Host, rather than Avoid and Evade? :-)

  12. John Smith 19 Gold badge
    Unhappy

    "UK faces a diverse range of threats from hostile state actors. "

    Starting with the one located in No 10 Downing Street.

    1. David Roberts

      Re: "UK faces a diverse range of threats from hostile state actors. "

      Well, that just about puts the bowler hat on it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like