GCHQ establishes research institute for cyber war
The UK's third intelligence service, GCHQ, is setting up a separate research organisation to counter cyber attacks against the country.
British intelligence agency GCHQ is to establish the UK's first academic research institute to help counter the growing threat of cyber attacks on the nation. Comprised of social scientists, mathematicians and computer scientists, the Research Institute in the Science of Cyber Security (RISCC) will work alongside GCHQ to provide information to help government, businesses and individuals protect themselves from hacking, viruses and other attacks over the internet.
This news comes in the same week that professional security certification body (ISC)2 suggested that instead of partnering with security organisations and building on existing knowledge, governments often think they have got to start from scratch with IT security. The company recommended that collaboration with experts and academics was the only solution that would work in the long term.
Paul Davis, director of Europe at FireEye – a leader in stopping advanced targeted attacks – has made the following comments:
"When it comes to IT security and international cybercrime, there seems to be an ongoing sense of inaction and complacency. In fact, GCHQ recently admitted that businesses are failing to do enough to protect themselves from 'real and credible threats to cybersecurity' – and in that respect, this is very welcome news indeed.
"With cyberwar and cyber espionage rapidly ascending the global agenda, the issue can no longer be ignored. Recent incidents and discoveries of incredibly sophisticated malware indicate a ticking time bomb that must be addressed by governments, businesses and indeed individuals everywhere. With that in mind, an urgent step change is needed in the way that we defend critical assets and information from advanced attacks – and to do that, we must become as creative, collaborative and determined as the cybercriminals themselves.
"This is not the time to be complacent and the RISCC is a good move in terms of understanding the most complex cybersecurity challenges and improving our readiness should the inevitable happen. Too many organisations are still stuck their ways when it comes to security – believing that current defences are adequate to thwart today's advanced threats. Though we have seen a stream of headlines depicting the need to deploy holistic security solutions that plug all network vulnerabilities and offer the deep visibility required to keep up with the changing threat landscape, perhaps an even louder voice is now needed. I hope that this move, and the resulting media attention will encourage more of us to wake up to the realities of the age that we have entered into."