SpeechesTechnology

Oliver Dowden – 2023 Speech on Cyber Operations

The speech made by Oliver Dowden, the Deputy Prime Minister, on 7 December 2023.

Of all the risks that this country faces… there are none that are evolving more rapidly than those in the cyber domain.

More actors…

Have more sophisticated tools…

To target more people…

Than ever.

Protecting the public from cyber attack is a matter of the utmost importance.

Let’s be clear what’s being targeted here.

The critical services that government delivers:

Our public finances…

Our roads and railways…

Our schools…

Our health service…

Our armed forces…

Even the heart of central government itself.

Of all the vaults that cyber criminals are desperate to crack into…

… this one contains some of the greatest rewards.

That’s why we see so many attempts to breach our digital defences.

Last year, 40 per cent of the attacks addressed by the National Cyber Security Centre were against the public sector.

In a world where the new frontline is online…

…the people in this room are manning the barricades to keep us safe and secure…

… and for that I want to say thank you.

Despite the challenges we face, our cyber defences are stronger than ever.

Since it was published two years ago, the Government Cyber Security Strategy has been a game-changer.

Work is well underway to ensure that government’s most critical functions are significantly hardened to cyber attack.

And we have established ambitious targets that will see all government organisations made resilient to known vulnerabilities and common attack methods.

Through GovAssure – which I launched in April – we have transformed the oversight of governmental cybersecurity…

And the new ‘Government Cyber Coordination Centre’ – better known as ‘GC3’ is bringing together a community of cyber defenders from across government…

…sharing best practice…

… and showing that a “whole of government approach” is not a slogan, it’s a reality.

Working together with the National Cyber Advisory Board… (which I Chair)…

…and of course the National Cyber Security Centre.

All of you play a crucial role in iterating the strategy…

… and ensuring it is implemented right across Government.

Your work never stops… because the risk of attack never stops.

The threats we face are increasing and the nature of those threats is evolving.

Technologies are developing at an exponential rate…

…and have lowered the bar for hostile actors – states and criminals.

The biggest cyber threats are not just to our public services but the democratic means by which we deliver them.

Some states are likely to be harnessing significantly more sophisticated technology to sow confusion and dissension and chaos in our society.

Malicious actors continue to target high profile people within the political process.

This is not an abstract possibility. We have already seen it…

In Ukraine – with deep-fakes of President Zelensky…

In the US – where Iranian hackers have been indicted for undermining voter confidence and sowing discord…

And here in the UK – with our Electoral Commission targeted by a complex cyber attack.

As I warned at CYBERUK in Belfast in April…

…the greatest risks still emanate from the “usual suspects”…

…China, Iran, North Korea, and Russia.

But they are increasingly using ‘Wagner-style’ sub-state hackers to do their dirty work.

Today in concert with our Five Eyes and Euro-Atlantic partners….

I can tell you that a unit within the Russian Federal Security Service, known as Centre 18, has been behind sustained hostile cyber operations…

…aimed at interfering in parts of the UK’s democratic processes…

This has included targeting members of parliament…

…Civil servants, think tanks, journalists, and NGOs…

…through a group commonly known as Star Blizzard.

This group, operated by FSB officers, has also selectively leaked and amplified information designed to undermined trust in politics, both in the UK and in like minded states.

A senior representative of the Russian government has been summoned to the Foreign Office this morning and appropriate sanctions have been levelled.

Our political processes and institutions will continue to endure in spite of these attacks.

But they serve to prove that the cyber threat posed by the Russian Intelligence Services is real and serious.

It is a stark reminder that…

as we in government develop our capabilities…

…so do our adversaries, and those who do their bidding.

We are in a cyberspace race…

…them – to develop the tools to do us harm…

…us – to build the defences needed to protect against their attacks.

Next year, 3 billion people in 40 countries will head to the polls …

… and it is a fact that hostile state actors will continue to seek to undermine these collective expressions of democracy…

…because they fear the freedoms they represent.

We must – all of us – do all we can to resist.

There are two main ways in which we can get ahead:

Strengthening our cyber security systems…

…and improving our skills.

First, our systems.

It wasn’t that long ago that the government was still using fax machines.

I worked for the administration that helped to bring Whitehall into the digital age…

…and made our services “digital by default”.

The challenge is to make those digital systems “secure by design”…and to embed effective cyber security practices into our digital delivery.

That’s why I am announcing today that we will make security everyone’s responsibility…

…and make “secure by design” mandatory for central government organisations.

This approach is already inspiring our partners around the world…

…and, like our earlier digital revolution, is likely to be emulated around the world.

Your role in embedding this approach at home will be crucial.

Then there is the question of skills.

In this room we have a wealth of deep technical expertise…

…and we have the ability to share and collaborate with our international partners.

But we need the experts of the future to be coming up, through that pipeline, to meet the challenges of the future.

In the UK, as around the world, the shortage of cyber skills affects both the public and private sectors.

It is estimated that we have a shortfall of around 14,000 professionals….

…and that shortfall is particularly stark in the public sector.

As one of the largest employers of cyber security experts, the government’s actions can make a real difference to the makeup of the national profession.

So we have launched apprenticeship and fast stream programmes focused specifically on finding and developing  cyber talent.

This is the new frontline.

And we must form a united front…

…government, business, academia, individuals, all coming together to pre-empt and ward off these risks.

Not just “whole of government” – but “whole of society”.

It is what we have that our adversaries and their agents lack: unity.

And there are huge opportunities in that…

…particularly for our entrepreneurs and innovators.

They will develop the defensive technologies that will protect not just this country… but the world.

Britain has the opportunity to lead … in tech, in AI and in cyber…

…because the best place in the world to do business must also be the safest place in the world to do business…

…and together we can make that a reality.

Thank you.