
CYBERUK 2022 – What Did We Learn?

Author: Charlie Maclean-Bristol, Training Director, FBCI, FEPS

Charlie shares his thoughts on the recent CYBERUK 2022 conference.

This week Dawn, the Business Development Manager from PlanB Consulting, and I attended CYBERUK 2022 at the ICC Conference Centre in Newport, Wales. Therefore, for today’s bulletin, I will be sharing some of the highlights and my thoughts on the event. The event is the National Cyber Security Centre’s (NCSC) conference, and is very much geared around government organisations associated with cyber security. Within the actual event, there are also many large vendors for cyber security solutions.

For me, it felt very much like a ‘grown ups’ event. There were all the senior members of the government organisations, plus the seniors and salespeople from the vendors. The government was represented by the NCSC, ICO, CyBOK UK, Cyber Essentials, Cyber Scotland, and Scottish Business Resilience Centre as well as their English and Welsh equivalents. The exhibitors were mainly the large software and cyber response vendors, but there was also a smattering of small companies such as PlanB Consulting.

There was also a group of people all with name badges that only had their first name on, and their organisation as ‘HMG’. I assume they were from the NCSC; they looked like they didn’t get out much and were enjoying the chance of a day out. I did speak to a couple of them and they were quite happy to admit to this! The typical cyber professional seems to mainly be middle-aged and male; however, it was very noticeable that the ‘HMG’ employees were all very young, mostly under 35, and the group was very diverse. Even the seniors of the organisation seemed young; the leader of the NCSC and one of her senior managers were both female. One of the presentations on the stage was a talk about how the NCSC responded to help an accountancy company which had had a ransomware attack. The man from the organisation was talking about the help ‘Richard’ from the NCSC had given him. Richard was obviously in the audience, as all his colleagues were looking around and smiling at him. Richard looked well under 30! The security of our nation is in the hands of a new generation, which I think is a good thing.

I only attended a few of the lectures as I manned our own stand, but there were a few things from the talks which I thought might be interesting. The NCSC was heavily pushing incident management, exercising, and developing plans. What I thought was interesting was that the cyber industry, in terms of incident response, seems to be where the emergency planning profession was 20 years ago. One of the items talked about was incident management teams, and the need to keep rotating people in and out of the response role to prevent them from becoming burnt out and ineffective. They were all talking about the need to look after those affected by an incident. These things are already well known to the resilience community, but are being rediscovered by the cyber community. We had lots of people interested in our two-day cyber incident management course, and I very much felt that cyber incident management is coming of age. People are now beginning to sort out their cyber defence, and attention is switching to how to respond after a cyber incident.

In one of the online surveys, only 20% of the people said that they had exercised their cyber plans, and only 50% actually had plans! So there is quite a long way to go in cyber preparation. I believe that our Certificate in Cyber Incident Management course, the exercises we have run, playbooks that have been written, and the training delivered are perhaps ahead of their time. Now organisations are beginning to understand the need for a response as well as defence.

Dawn and I thoroughly enjoyed the conference and hopefully, we will be there next year!
