Thales CTO Jon Geater and Peter Carlisle, Thales VP of Sales, EMEA, were recently featured in major news outlets espousing their opinions about internet-connected devices and the new Cyber Security Export Strategy.
Geater, on new UK IoT security guidelines
Earlier this month, the UK government announced guidelines to make internet-connected devices safer. Companies selling IoT goods are being asked to voluntarily sign up to a new code of conduct.
A portion of Geater’s comments addressing this new initiative were published in SC Media. His full comment may be found below:
With the growing number of IoT technologies now on the market, and the increasing amount of breaches hitting the headlines on an almost daily basis, it’s good to see the government taking an interest and bringing these devices into their ‘Secure by Design’ initiative.
The guidelines contain basic common sense considerations for makers of connected devices - ability to patch bugs, encryption of data – and should be incorporated in any device that connects to the Internet. Unfortunately, though, we still have not yet arrived at a point of mandatory compliance and I expect we will continue to see these very basic recommendations ignored and mistakes made for some time to come as people chase the IoT trend without considering or prioritising security. And, that’s before we consider the more advanced security features that are required to defeat bigger recent problems we’ve seen like Mirai.
Consumer and industry groups will also need to adopt security requirements for their own digital transformations if we are to see real improvements.
Carlisle, on the Cyber Security Export Strategy
Dr. Liam Fox, the UK International Trade Secretary, recently announced the launch of the Cyber Security Export Strategy to promote UK expertise and strengthen defence capabilities in the UK and allied countries. The UK sees its cyber-capabilities and its robust approach to security as an asset that it can offer to partners and allies, and a driver of UK exports. The new Export Strategy is described as supporting the ongoing work of the 2016 National Cyber Security Strategy.
With the threat level across the cyber security landscape constantly on the rise, it is paramount that a unified and proactive approach is adopted to digital defences both nationally and globally to be successful in the cyber war.
Software is now more embedded in more aspects of critical infrastructure and organisations – both public and private – than ever before. Consequently, reactive endpoint security alone will not be enough to keep us safe, and it’s reassuring to see that the government has actively recognised this.
The strategy being outlined today demonstrates a clear commitment from the government of the need to collaborate with industry experts on a global scale. By not only honing our skills here in the UK, but by exporting our expertise overseas too, this will ensure that we ward off attacks from foreign actors whilst simultaneously strengthening our own capabilities.