The UK’s cyber security chief, Richard Horne, recently raised a significant alarm about the growing gap between rising cyber threats and our ability to defend against them. Speaking at Singapore International Cyber Week, Horne, who leads the National Cyber Security Centre (NCSC), called for stronger collaboration between the UK and its allies to build global resilience against increasingly complex and aggressive online security issues.
He pointed out that while technology drives growth and opens up new opportunities, it also exposes us to greater cyber risks. “Without collective action, we risk widening the gap between escalating threats to our societies, critical services, and businesses, and our capacity to stay protected,” he explained.
The threat landscape is changing rapidly, with more serious incidents occurring. Horne noted that the NCSC is tackling 50% more major incidents in 2024 compared to last year, including a threefold increase in severe cases. This highlights the urgent need for coordinated global efforts to boost our cyber resilience. He stressed that security needs to be integrated into technology from the very beginning and that both public and private sectors must prepare not just to defend against attacks, but to recover quickly when they happen.
Last month, Horne mentioned that 39 countries and eight international insurance bodies backed guidelines for dealing with ransomware payments, developed during the Counter Ransomware Initiative Summit in October. The guidelines emphasize that paying ransoms doesn’t guarantee data recovery and encourages victims to report attacks, check their data backups, and consult with professionals. They also advise that organizations take proactive steps before an attack, including establishing clear policies and communication plans.
Horne believes this collaboration exemplifies how effective we can be when we work together, showing that cyberspace knows no borders. He also highlighted the importance of ensuring that emerging technologies are secure throughout their entire lifecycle. “Today’s innovation is tomorrow’s legacy,” he said. We need to manage these innovative technologies to keep them secure and resilient in the future.
Horne stressed that while developers must anticipate and mitigate future risks, it’s equally important for governments to step in and lead the discussions around these issues, rather than leaving them solely to businesses and public services.
The NCSC had previously cautioned that artificial intelligence (AI) is set to be widely used to enhance ransomware attacks. The technology is already being exploited for malicious activities. Horne reiterated that AI is evolving existing threats but isn’t fundamentally altering the risk landscape just yet. He urged everyone to follow the NCSC’s advice on cyber security hygiene to bolster their defenses against potential attacks.