The need to improve partnerships between technology companies and the government

government tech

We spoke to James Griffiths, Co-Founder and Technical Director of Cyber Security Associates (CSA), on the need to improve partnerships between technology companies and the government.

James Griffiths began his career early, joining the army at the age of 16 – straight out of school –  where he worked as an apprentice. He worked in radio communications, and in many other areas, during his military service. Since leaving the military in 2014, Griffiths has built and grown Cyber Security Associates along with his business partner Dave Woodfine. The two founders have a great deal of experience in a variety of sectors, including financial, critical national infrastructure, cyber security, and security operations, in the government sector as well as in commercial businesses.

Key areas for the government to improve

During our conversation with Griffiths, we asked him about the key areas the government could work on when it came to cyber security. One of the main points Griffiths mentioned was how things have changed over the past three or four years through the creation of the National Cyber Security Centre. This brought the previously hidden GCHQ government space into the limelight and began to help businesses understand the risks and potential threats.

In turn, it’s also helped the government to improve its cyber security internally, through the National Cyber Security Strategy, which will guide and educate not just the government but also local councils, and even schools.

Advancements in AI and machine learning

We asked Griffiths about how advancements in AI and machine learning could affect the UK job market, and he pointed out that, “Artificial intelligence and machine learning is a route to simplify some of the tasks that we do continuously, on a day-to-day basis. And by using that kind of technology, and that kind of capability, it means that we can then focus our efforts on other things that we were maybe not having time for, or not having as many resources to be able to put into.”

However, there will always be the need for a human element with any of these programs, as they need to be managed, maintained, and audited. These programs will also need to be created in the first place, with the next generation being actively trained in coding so that they can build towards machine learning and AI algorithms that can improve our quality of life in the future.

The NCSC CyberFirst program

CSA became involved at the very beginning of this program when it was being tested, with Gloucestershire chosen as “a kind of incubator area to trial the program out, to get industry involved, to help go into more schools, to be able to enthuse and inspire the younger generation.” The program itself is meant to train children in both technology and areas surrounding STEM subjects like maths, science, and technology, and Griffiths notes, “there was nothing in the national curriculum with regards to it, so this is where the Cyber Schools Hub, that then became the CyberFirst program, was born from.”

The CyberFirst program offers not just training but also services like cyber graduate placements and apprenticeship schemes, to help these children enter the tech sector in the future. There are also industry leaders that go to speak at careers days and talk about the opportunities within the cyber security and information security sector. These have proven informative to not only the children but also to the parents, who were previously unaware that these things were available.

Potential security threats from government and security firm partnerships

From a government perspective, Griffiths explains that everything “goes through a vetting process and a clearance process.” However, when organizations do this, it does open them up to risk – they’ve got to trust that that organization has the same level of security, to ensure that nothing can become an insider threat.

Some jobs can’t be completed by the government alone, so there is a need for help from outside businesses. There’s a lot of promise in new start-ups which the NCSC can help to grow and gain access to funding or to help find investors to take the product to market. There will always be third-party security risks, but that is a necessary part of the process that has to be dealt with, regardless of company size.

Griffiths does point out that from a security point of view, you can “flip that the other way around, though – from a business risk perspective of someone working with the government, then obviously it opens you up to the government potentially having more access to your systems or more access to your resources than you would normally allow from an external organization.”

The role of ransomware protection in both government and businesses security

CSA often deals with organizations that have been hit by ransomware, mainly from an incident response perspective. Griffiths recalls one example when, “the IT director had just started in the role, and he’d been in less than a week in the organization, and they got hit.” This global incident was then dealt with by CSA. In many cases like this, businesses believe they are too small to be hit, and therefore safe from hackers. However, Griffiths warns that attackers won’t care about the size of the company if there is a potential way to gain access.

Read More:

A lot of government resources have been put into supporting businesses, to help them recover when an incident happens. It’s a good idea, however, to have an insurance policy – a lot of existing policies now require companies to have two-factor authentication enabled as a minimum before they will write the insurance policy.

These insurance companies are trying to put the emphasis back on the organizations, to spend a little bit of money to save them a lot more than they’d lose if they suffered a ransomware attack. Many of these attacks can be avoided through proper education, such as ensuring systems are patched correctly and identifying phishing emails.

If you’d like to hear the full interview with James Griffiths, the podcast is available to listen to here, and also on Spotify.

Click here to discover more of our podcasts

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Erin Laurenson

Multimedia Content Producer for TBTech

Ab Initio partners with BT Group to deliver big data

Luke Conrad • 24th October 2022

AI is becoming an increasingly important element of the digital transformation of many businesses. As well as introducing new opportunities, it also poses a number of challenges for IT teams and the data teams supporting them. Ab Initio has announced a partnership with BT Group to implement its big data management solutions on BT’s internal...

WAICF – Dive into AI visiting one of the most...

Delia Salinas • 10th March 2022

Every year Cannes held an international technological event called World Artificial Intelligence Cannes Festival, better known by its acronym WAICF. One of the most luxurious cities around the world, located on the French Riviera and host of the annual Cannes Film Festival, Midem, and Cannes Lions International Festival of Creativity. 

Bouncing back from a natural disaster with resilience

Amber Donovan-Stevens • 16th December 2021

In the last decade, we’ve seen some of the most extreme weather events since records began, all driven by our human impact on the plant. Businesses are rapidly trying to implement new green policies to do their part, but climate change has also forced businesses to adapt and redefine their disaster recovery approach. Curtis Preston,...