The Chief Technology Officer of the National Cyber Security Centre (NCSC) has outlined why he doesn’t think the market for technology is working when it comes to cybersecurity.
Speaking in a keynote address at the CYBERUK conference in Birmingham, Ollie Whitehouse said that companies globally know how to build resilient, secure technology, but the market does not incentivise them to do so.
In his first major public address since taking up the role, stated that there is still a ‘thousand Band-Aid’ approach to cyber security – that organisations are layering sticking plasters over security cracks in an attempt to address technical debt – and for the UK to become a truly cyber-resilient nation, that approach needs to fundamentally change.
He argued that technology is changing at a rapid pace, but that regulation and legislation are not keeping pace and likely never will do. He called for technology developers to be honest about the profound challenges they are facing in order to develop products and services that are fit for purpose and for a resilient future.
Whitehouse stated: “The world is changing, fast, and we are facing a fundamental challenge: we don’t have the evidence for how to build a resilient country writ large.
“The challenges ahead of us are the horse-sized ducks of states with strategic intentions, and the duck-sized horses of criminal actors out for financial gain. And the reality is that we don’t get to choose which one we’d rather counter, because we have to be able to face both with confidence.
“We know how to design and build resilient, secure technology. We just need a market that supports and rewards it.”