Gigamon’s Mark Coates on What’s Wrong with UK Cybersecurity

Share
As the UK moves forward in this digital age, the importance of robust cybersecurity cannot be overstated
Gigamon’s Mark Coates explains that the UK has several cybersecurity shortcomings, and explains how to address them

In an era where digital threats loom larger than ever, the state of cybersecurity in the UK has come under intense scrutiny. 

With recent high-profile attacks on critical infrastructure and a growing awareness of vulnerabilities in both public and private sectors, the need for a comprehensive and forward-thinking approach to cybersecurity has never been more pressing. 

As the UK grapples with these challenges, experts are calling for a significant overhaul of current practices and a renewed focus on robust, adaptive security measures.

Yet the landscape of cybersecurity in the UK is complex and multifaceted, encompassing everything from government agencies and critical national infrastructure to small businesses and individual citizens.  in fact, according to the Cyber Breaches Survey, conducted this year by the Department for Science, Innovation and Technology (DSIT), around half of UK businesses had experienced a cyber-attack in the previous 12 months.

These surveys have highlighted a concerning situation across various sectors, with many organisations struggling to keep pace with the rapidly evolving threat landscape. 

But where is the shortfall to be found? To find out more, we spoke with Mark Coates, VP EMEA at Gigamon, about the current state of cybersecurity in UK businesses and the potential solutions on the horizon.

Mark Coates, VP EMEA at Gigamon

The state of cybersecurity in the UK 

Mark paints a sobering picture of the current cybersecurity landscape in the UK.

"The state of cybersecurity in UK businesses is facing significant challenges," he notes. "Most UK businesses are severely under prepared to effectively handle the rise in cyberattacks.”

This underscores the pervasive nature of the threat and the urgent need for improved security measures. There is also a particularly alarming issue within the public sector.

"A recent government report reveals 43 legacy IT systems at critical risk, including 11 within the MoD, which is a ticking time bomb against modern cyber threats," says Mark.

The prevalence of outdated technology in critical systems represents a significant vulnerability in the UK's cybersecurity defences. 

These legacy systems, often deeply embedded in organisational infrastructure, can be challenging and costly to replace. However, their continued use poses an unacceptable risk in the face of sophisticated modern cyber threats.

"But the problem isn't only prevalent in the public sector, unpreparedness is a key theme in private organisations as well,” says Mark. “A recent survey reveals that a quarter of organisations are unable to address active threats, leaving them vulnerable to serious damage."

A call for action

With a new government in place, there is hope for a fresh approach to cybersecurity. Mark outlines some key areas where governmental action could make a significant impact:

"To enhance the UK's critical national infrastructure security, the new government's approach MUST focus on two key weaknesses," he states. "Firstly, addressing the problem of legacy technology is crucial; modernising and securing outdated systems will help mitigate vulnerabilities and enhance resilience against sophisticated cyber threats."

Mark also highlights the importance of supply chain security. "Secondly, organisations must address the most common entry point to CNI's which are their extended supply-chains. When selecting suppliers and vetting third parties, it's important to assess not just the quality and price of services offered, but also the IT maturity of the supplier."

One of the key methodologies that Mark believes the government should be promoting is the adoption of Zero Trust models. "The new government should advocate for the adoption of Zero Trust 'like' models," he advises. "With 64% of IT and security leaders anticipating a government mandate for Zero Trust within two years, it's clear that this approach, which includes network segmentation and total network traffic visibility, is becoming increasingly important."

Youtube Placeholder

However, cautions come with relying solely on new security tools. "With research showing that 70% of CISOs are questioning the effectiveness of their tool stacks in identifying and remediating breaches, it's clear that investing in 'shiny' new security tools is not the complete answer."

Instead, Mark advocates for a more holistic approach. "All these tools must be integrated into a broader security strategy, configured properly, and supplied with accurate data at the right time and place to identify threats promptly. This holistic approach ensures there are no blind spots, and all tools are working in a cohesive manner."

The path forward

As the UK faces these cybersecurity challenges, it's clear that a multifaceted approach is necessary. This includes modernising legacy systems, improving supply chain security, adopting Zero Trust models, and fostering a culture of cybersecurity awareness across all sectors.

But Mark insists this should come as a call for mandates on all cybersecurity practices.

"Yes, a mandate on Zero Trust would push organisations to take a more proactive approach to their cyber security, encouraging better security practices across all areas, not just at the perimeter."

As the UK moves forward in this digital age, the importance of robust, adaptive cybersecurity measures cannot be overstated. 

With concerted effort from both the public and private sectors, and a commitment to ongoing improvement and innovation, the UK can build a more secure digital future for all its citizens and businesses.

******

Make sure you check out the latest edition of Cyber Magazine and also sign up to our global conference series - Tech & AI LIVE 2024

******

Cyber Magazine is a BizClik brand


Share

Featured Articles

Why the UK’s Financial Authority Has Issued a Cyber Decree

The UK’s Financial Conduct Authority (FCA) has issued a cyber directive to financial firms following the CrowdStrike IT outage

Sustainability Secured: SolarEdge Devices Cyber Certified

SolarEdge has shown initiative to securing sustainability endeavours by getting certification for its products ahead of incoming mandatory requirements

Kyndryl and AWS: The Cyber Issues Facing the Energy Sector

Kyndryl and AWS survey highlights the cybersecurity readiness gap in energy enterprises, with oil & gas organisations among the top groups at risk

Customer Confidence: Hiscox Reveals Growing Cost of Attacks

Cyber Security

Supply Chain Security: Why Is It Key for the Energy Sector?

Cyber Security

Top 10 OT Platforms

Operational Security