Nation-state-sponsored Threat Groups threaten global security and stability, and governments take these threats very seriously. ‘Defend as One’ is one of the critical priorities for the UK Cyber Security Strategy and the Strategic Framework relating to a Cyber Resilient Scotland.
The ‘Defend as One’ principle is focused on a collaborative approach with government to respond to the increasing rate of threats. It draws on the benefit of sharing cyber threat intelligence, expertise and capabilities across organisations to build a defensive force more powerful than the sum of its parts.
To focus on these cybersecurity cornerstones, the UK Government is establishing a new Government Cyber Coordination Centre (GCCC) and the Scottish Government has established its Scottish Cyber Co-ordination Centre (SC3). Leidos UK Cyber Security works in partnership with the UK and Scottish Governments and private organisations to help them ‘Defend as One’ and become cyber resilient, bringing decades of experience defending cyber interests globally and delivering advanced capabilities honed from protecting some of the world’s most valuable assets.
Using our cybersecurity maturity model, Leidos has led transformations for federal government Security Operations Centres (SOCs) and more than 20 geographically dispersed Fortune 500 commercial SOCs. Leidos currently supports the Defense Information Systems Agency (DISA)’s Global Information Grid Services Management Operation programme to modernise Department of Defense communications and networks and successfully spearheaded the implementation of one of the world’s largest security gateways, the Joint Regional Security Stack (JRSS).
The SC3 seeks to understand how Scotland can manage threat and vulnerability at scale, how to build its cybersecurity capabilities in the public sector, how to exploit and share Cyber Threat Intelligence and how to detect and respond to cybersecurity incidents more rapidly and collaboratively.
Nation-state-sponsored Threat Groups continue to threaten the UK’s ambition to be the safest place to live and work online. For example, on 9/12/2021, the critical zero-day vulnerability CVE-2021-44228 came to light. It affects Log4j2, an open-source Java logging library created by the Apache foundation, and could result in remote code execution attacks and lead to a bad actor taking control of a host. It highlighted how a zero-day vulnerability can be weaponised by Threat Groups and have a global impact. In response, the public and private sectors took a collaborative ‘Defend as One’ approach to combat it.
The fallout from the Russian invasion of Ukraine continues to highlight an increased likelihood of cyberattacks on NATO members from hostile Nation State Sponsored Threat Groups affiliated with Russia. Cyberattacks targeting UK Critical National Infrastructure are of particular concern and have the potential to disrupt our way of life.
Cybersecurity authorities from the UK, US, Australia, New Zealand and Canada have jointly published advisories in response to these increased threats. Both GCHQ and NCSC recommend exploiting Cyber Threat Intelligence to proactively protect against threats and vulnerabilities and learn from the misfortunes of others who suffer a cyberattack. They highlight the need to heighten detection and response capabilities to be ready for the worst-case scenario resulting from a cyberattack. It is also important never to underestimate the basics: always remain on critical alert, patch vulnerabilities, detect threats and prepare Cyber Security Incident Response plans.
The rise of ransomware and extortionware gangs such as Conti and REvil and their destructive impacts on organisations such as SEPA, Colonial Pipeline and the Irish National Health Service have prompted a collaborative response from the cybersecurity authorities of the G7 and Five Eyes communities.
Leidos UK, and in particular Leidos’ new UK Sovereign 24×7 Cyber Security Operations Centre (CSOC), are perfectly positioned to help protect UK and Scottish Government customers and enable them to Defend as One. The CSOC’s purpose is to create cyber resilience for customers. It protects them from cyberattacks, provides a 24×7 threat detection and response service and leverages 2,900 Leidos cyber security professionals within the US, harnessing their global experience within Federal Government to provide Scottish Government customers with the best possible cyber expertise and service.
The CSOC also aligns with a critical objective of the UK Government Cyber Security Strategy 2020-2030, to develop the right cyber security skills, knowledge, and culture. Many organisations are struggling to attract and recruit qualified personnel – this situation will continue as organisations accept the realities of digital business, necessitating alternative approaches to finding cybersecurity talent. One of Leidos’s approaches is to target and train its own talent, building a world-class workforce with strong cyber capabilities that has access to one of the best internal training academies in this sector. We are investing substantially in Scottish students interested in cybersecurity as a career and are recruiting at apprentice and graduate levels.
This represents a significant investment by Leidos in the Scottish cybersecurity industry and supports the objectives of the Scottish Government’s Industry Advisory Group to expand its skilled talent pool, address its skills shortage and to ensure its workforce continues to be a positive factor in inward investment. According to the Scottish Technology Industry Survey 2022, 31 per cent of Scotland’s tech businesses feel cybersecurity is a potential growth opportunity in the year ahead, up 8 per cent from last year.
It is increasingly important for governments to have a robust strategy for cybersecurity to protect their borders and their people. Sometimes it is seemingly small vulnerabilities that can create an opening for threat groups to attack, so the importance of having the right infrastructure, a defensive cybersecurity mindset to detect and respond, an operational plan, and the right people and partners to continually test defences and look for vulnerabilities and threats should never be underestimated. ‘Defend as One’ is a key example of how a cyber resilient Scotland is laser focused on increasing its capabilities in this ongoing battleground.