BlackBerry and Jaguar Land Rover Sign Collaborative Supply Agreement

BlackBerry Limited and Jaguar Land Rover announced today that the companies have entered into a multi-year agreement to collaborate and develop technology for the automotive manufacturer’s next-generation vehicles.

As part of the agreement, BlackBerry will license its QNX and Certicom technology to Jaguar Land Rover, as well as assign a team of engineers to support in the development of new Electronic Control Unit (ECU) modules. The first ECU project will be a next-generation infotainment system.

“Working with BlackBerry will enable us to develop the safe and secure next-generation connected car our customers want,” said Dave Nesbitt, Vehicle Engineering Director at Jaguar Land Rover. “Together with BlackBerry engineers, we will be able to access the most dynamic and up-to-date software to ensure the highest security required for our connected vehicles.”

“We are at a pivotal moment, where innovative automakers, such as Jaguar Land Rover, are realizing they need to take an active role in defining the software architecture for their vehicles,” said John Wall, SVP and GM of BlackBerry QNX, BlackBerry. “Connected and autonomous vehicles will react and drive based on rich data. Our platforms help process data efficiently and keep it secure and trusted. We are incredibly honored to work with Jaguar Land Rover and look forward to our teams working hand in hand to deliver an enhanced driving experience for their customers.”

BlackBerry currently provides OEMs around the world with technology to protect and mitigate hardware, software, applications and end-to-end systems from cyberattacks. BlackBerry’s pedigree in security and continued innovation has led to recent automotive design wins with Baidu, Delphi, Denso, NVIDIA, Qualcomm, Visteon, and others.

Terms of the agreement are confidential. For more information on BlackBerry products and services for the automotive industry, please visit



Cyber Threatscape Top 10: Phishing emails deemed number one threat by UK businesses

Research from information security company, Clearswift, has shown that links within emails are perceived as posing the biggest cyber threat to UK businesses, with 59% of business decision makers highlighting this as a chief concern for their business, far more than any other threat.

The research surveyed 600 senior business decision makers and 1,200 employees across the UK, US, Germany and Australia. When asked what they see as the biggest threat to their organisation, business decision makers ranked phishing emails as the top threat in all four surveyed regions.

“Email security consistently rears its head as a key vulnerability in UK cyber defences. This highlights that businesses need to change the way they’re approaching the task of mitigating these risks”, said Dr Guy Bunker, SVP of Products at Clearswift

“It is easy for a company to perform mock phishing exercises and physical penetration tests to assess vulnerabilities, however this underhanded approach to catch staff out may not always prove to be the best way forward. The approach should be twofold, focused on balancing education with a robust technological safety net. This will ultimately help ensure the business stays safe.”

A lax attitude by employees to sharing passwords was ranked second on the list, as a source of cyber weakness, with one-third (33%) of UK businesses listing this as one of the biggest threats. USBs sticks were the next offender, with 31% of respondents highlighting USB/removable storage devices as a major threat. Worryingly, ahead of the GDPR deadline on May 25th, 30% felt that employees not following data protection policies could be one of the biggest threats to their organisation.

Failure by firms to cut off access to the network for ex-employees was next on the list with more than one in four (28%) considering this a major threat. Introduction of malware via personal devices was also present on the list, with more than a quarter (26%) highlighting this as a major threat to their organisation.

Despite some major hacks in 2017, hackers were only the seventh most selected threat, with 25% of businesses flagging this as a major threat.

Other threats to feature included the use of non-authorised tools/applications for work purposes (25%), including personal email drives and file sharing platforms. Additionally, threats coming from social media platforms, often used as a means of spear phishing, was a concern. UK businesses also saw stolen company devices as one of the biggest threats (23%), with these devices often containing critical information.

Dr Bunker added: “With the knowledge that most information breaches are inadvertent, technology can so often provide a clear solution. Like our content aware Adaptive DLP suite, the solution should focus on preventing the information from leaking out, but also provide feedback to the sender to inform them that they have violated policy. This way, a business can work towards a safer environment and a more security conscious workforce.”

Top Ten Cyber threats according to UK Businesses:

Business decision makers were asked to choose the threats that they saw as posing the biggest threats to their businesses.

  1. Malicious links within emails – 59%
  2. Employees sharing usernames/passwords – 33%
  3. USBs/removable storage – 31%
  4. Users not following protocol/data protection policies – 30%
  5. Ex-employees retaining access to network – 28%
  6. Viruses via malware on personal devices – 26%
  7. Hackers – 25%
  8. Employees using non-authorised tools/applications for work purposes (personal email drives/File sharing) – 25%
  9. Social Media viruses – 24%
  10. Critical information on stolen devices – 23%




Tomorrow’s cyber defenders battle for chance to compete with best of the USA

More than 130 students representing 18 of the UK’s top cybersecurity universities battled it out at the Inter-ACE 2018 cyber security challenge, hosted by the University of Cambridge this weekend. The competition, supported by GCHQ’s National Cyber Security Centre, and designed to attract the next generation of cyber security talent took place over two days on the 16th and 17th of March 2018.

The victorious team from the University of Edinburgh won the top prize of £6,000, with second place going to the University of Southampton and Imperial College London taking home bronze.

The winners will now compete with the best of the USA at C2C –’Cambridge2Cambridge’, a transatlantic contest jointly organised by the Massachusetts Institute of Technology (MIT) and the University of Cambridge to be held between the 29th of June and 1st of July 2018 at MIT’s Computer Science and Artificial Intelligence Laboratory, Cambridge, MA, USA.

Now in its third year, Inter-ACE was established to help resolve the vast and growing cyber security skills gap, with an estimated shortfall of 1.8m workers worldwide by 2022. Inter-ACE aims to inspire young tech enthusiasts into the cyber security sector, while also honing the skills of those who already have a strong aptitude for ethical hacking and helping them meet like-minded individuals and potential employers.

Professor Frank Stajano, Founder of Inter-ACE and Professor of Security and Privacy at the University of Cambridge, said: “It’s no secret that the cyber security industry is suffering from a large and growing skills gap. We must do more to attract a more diverse pool of talent into the field. This is about demonstrating that careers in cyber security not only help to keep your country, your friends and your family safe, but are varied, valued and most of all fun.

“There is still much more to be achieved, but I have been delighted over the last three years to be welcoming a growing number of female participants and contestants from increasingly diverse backgrounds to the two-day competition. We had 18 women competing this year, as opposed to just two when we started! It’s working. There is no set profile for a cyber security professional and Inter-ACE contributes to reaching more people with that important message”.

Nick L, a student from the winning team at the University of Edinburgh said “For people out there thinking about getting into cyber security and sitting on the fence, get yourself into a cyber security competition. Chances are the first one might not go so great, but you’ll get there and learn a lot. That’s exactly how we started out”.

Inter-ACE 2018 involved a number of different scenarios, including preventing a hack on a UK city’s infrastructure and a tap on an undersea communications cable. Connected devices such as a children’s toy were also used to demonstrate the impact of hacking techniques. The two-day event featured over 20 challenges in total, set by experts from the University of Cambridge and sponsors including Context IS and Palo Alto Networks.

Established through the UK’s National Cyber Security Strategy and supported by GCHQ’s National Cyber Security Centre, Inter-ACE is sponsored by Microsoft, BT, Palo Alto and Context IS.

The 18 universities that participated in this year’s Inter-ACE were Queen’s University Belfast, the University of Birmingham, the University of Cambridge, Cardiff University, De Montfort University, the University of Edinburgh, Edinburgh Napier University, Imperial College London, the University of Kent, Lancaster University,  Newcastle University, the University of Oxford, Royal Holloway University of London, the University of Southampton, the University of Surrey, University College London, the University of Warwick and the University of York.



Could Machine Learning Affect Data Regulation?

Machine learning is the application of artificial intelligence (AI) that uses huge amounts of data to automatically learn and improve something for itself.

Machine learning is already used by many of the world’s biggest technology companies to improve their services and software. Some prime examples of businesses that use machine learning are Amazon, which utilizes data about its customers to improve product recommendations and Facebook, which uses machine learning to recognise faces in photos.

Adoption of machine learning is set to grow at a rapid pace over the next few years. According to market intelligence firm Tractica Research, the market for artificial intelligence for enterprise applications will be worth $11.1 billion by 2024 – and that includes machine-learning AI.

Many companies across many industries are set to embrace machine learning then, but one big question remains: with so much data involved, what does this mean for businesses looking to adhere to data protection regulations?

How Machine Learning Affects GDPR Compliance

A large, blue, abstract blur in front of several skyscrapers via Pexels

The EU’s General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. The regulation states that “The protection of natural persons in relation to the processing of personal data is a fundamental right.” As part of this approach, companies that store personal data must have explicit permission (and must request permission if they do not already have it) in order to use said personal data. Companies must also inform individuals if they store personal information and also explain how they use said information. These companies are deemed to be data controllers or data processors, between which there is a subtle difference, handling the data of “data subjects.”

When it comes to machine learning, the GDPR could potentially be a problem. How will data processors properly explain that they are using this personal data for machine learning purposes – and if so, how exactly does the GDPR apply? How will customers feel to learn that their data is being used in order to better sell and promote products to themselves and other customers that shop with a retailer, considering these data subjects’ explicit permission is required? Will the phrasing of this information concern consumers, and will it be adequate in explaining the process?

A sheet of paper with statistics on it is next to a laptop computer via Pexels

For businesses, there are also challenges in terms of adapting the machine learning algorithm if data is removed from the pool. People have the right to withdraw permission to use their personal data which would rule that particular person’s dataset out of the machine learning data pool and could require businesses that use machine learning algorithms to get their computers to reexamine a dataset and make a new outcome when that data is omitted.

Moreover, GDPR also states that businesses using data for machine learning must be “fair and unbiased”. Businesses will also have to take appropriate steps to ensure that their machine learning processes work as such, and look into the legal definitions of such terms and how they apply to AI algorithms.

Machine learning offers a huge opportunity for businesses to expand and improve the services and products they offer but it should not be used without the proper care and measures in order to remain GDPR compliant. Intervention from the GDPR could be costly – up to 4% of a business’ total global revenue or 20 million euros – and failing to be compliant on this could see customers lose confidence, making it even more important for businesses to tread carefully.



Noord Infosec Dialogue Nordics

The Noord Group presents the Noord Infosec Dialogue Nordics which brings together 50 industry leading CISOs and Heads of Information Security from across the Nordic region and offers exclusive networking and benchmarking opportunities. 

When and where will it be held? 

Thursday 24th May 2018 at the Scandic Infra City Hotel in Stockholm, Sweden 

The smart and stylish venue is located just 15 minutes from Arlanda airport and 20 minutes from the centre of Stockholm. 

As part of #noordSWE the Dialogue will be running alongside its sister programme – the  IT & Digital Leaders Dialogue Nordics which is for CIOs and senior level technology and innovation professionals.   

What exciting things can people look forward to for the May 2018 version? 

Hosted by Dimitrios Stergiou, attendees can look forward to a full day of insightful discussion and dialogue around their areas of focus for the year ahead. The agenda has been built with the market in mind and follows on from months of research with CISOs from across the Nordics region.  

With case studies, panel discussions, workshops and roundtables the event will cover the challenge of changing the perception of information security, defining what a good security culture looks like and how to prepare and respond to a breach as well as many more.  

Attendees can also look forward to a personalised itinerary which includes the opportunity to meet with their choice of solution partners, hand-picked to help you achieve your business goals for 2018, and beyond. 

What is the inspiration behind the Dialogue? 

With digital technology becoming more and more widespread in both life and work comes the ever present threat of cyber-attacks. It is essential that the Nordic region’s revolutionary spirit in the digital sphere is not undermined by lax information security practices! 

Who will be speaking? 

The programme will be led by a range of industry experts in the form of engaging case studies, panel discussions and interactive discussions. Speakers confirmed to join the line-up at Noord Infosec Dialogue Nordics include: 

  • Dimitrios Stergiou, Group Chief Information Security Officer, Modern Times Group 
  • Anna Idorn, Chief Information Security Officer, Ikano Bank 
  • Kaj Paananen, General Manager, Wärtsilä Corporation 
  • Poul Halkjaer Nielsen, Chief Information Security Officer, University of Copenhagen 
  • Petri Ala-Annala, Chief Information Security Officer, Nobia 

To view the full agenda click HERE. 

How can you book tickets? 

The Noord Group would like to offer the Digital Forensics Magazine community a VIP pass for just £99 (saving you £400!) to the Dialogue.  

What does your VIP pass include? 

– A personalised itinerary so that you can make the most of your time out of the office
– Access to all content, sessions and networking opportunities
– Refreshments provided regularly throughout the day 

The VIP pass is based on a first come first served basis so to secure your attendance for this business critical dialogue opportunity, please click HERE* and use the VIP code: DIGFORVIP on the registration page to save your place (and save £400!) 

Should you have any questions please do not hesitate to email us at  

* By registering for this event, you are submitting your application to attend. Once complete, we will review your application. When you have been approved, you will receive your confirmation welcome pack via email 




TechVets Launch Digital Cyber Academy

It was a real privilege to be invited to be a panelist at the launch event of the TechVets ( Digital Cyber Academy ( held at Level 39 on Thursday the 8th March.

The TechVets event was the brainchild of four people (Mike Butcher MBE, Peter Connolly, Euan Crawford & Mark Milton) who deserve much praise for pulling it all together. I should add that the event was supported by Amazon, ORACLE, IBM, Google and many other names from the tech industry; however what was significant to me was the support provided by many SME organisations, many of which are run by or employ veterans. These SME’s do not have the large budgets to support such worthy initiatives, but felt that TechVets was important enough to get involved in and I applaud their commitment.

There were many messages from those who had already made the transition from Military to Civilian life, including yours truly, albeit it was sometime ago now that I made my transition into an industry that was in its infancy. The messages were quite clear and succinct, the skills that you learn and practice whilst in all aspects of the military are directly translatable to opportunities in the tech industry. By this I do not mean just the technical skills, but the more softer skills that are often missing from civilians as they have not had the need to use such skills. By way of example, skills such as how to assess a situation, make a plan and execute that plan, once the plan is executed to constantly monitor the execution and make changes as the situation dictates; these are directly related skills to managing incidents within the technology sector; in addition those who assess risk and options at a strategic level have skills that translate directly to Chief Risk Officers (CRO’s) in the corporate environment, I could go on but this would very soon become a job skills translation matrix, maybe something that might be useful but there are better people out there that could put such a matrix together than I. Taking a quick look at the career transition partnership (ctp) website ( on the home page is a list of 6 transferable skills, namely;

Communication skills
Organisation and commitment
Problem solving and adaptability
Leadership and management skills
Health and safety, security awareness
Team working

This was the same list that I was given some 20 plus years ago. I am in no way saying that the career transition partnership is not good and that the process is flawed, far from it, I am sure that the process is well thought through with much help and good advice being provided. Where I think we may have to look deeper is at how the ‘skills and interest analysis’ for leaving servicemen and women is being carried out, and how the results might be mapped to the opportunities that are available in the growing technology sector, just making service leavers aware that these roles exist and that they are capable of doing them would be a start, lets be inclusive, not exclusive in the process.

It was clear to me during the TechVets launch event that when people were talking about Cyber Security they appeared to be focussing more on the service sector and how cyber security experts are utilised by the likes of IBM, ORACLE, SAP, KPMG, NCC Group etc. or one of the myriad of SME consultancy/service companies that are out there. The opportunities for our service leavers is much wider than just the service sector. The last major revolution was the Industrial Revolution and the mechanisation that resulted, the Digital Revolution has enabled business to take the next leap from mechanisation to automation with greater outcomes in terms of productivity and cost reduction. This move towards autonomy transcends all business sectors from the Built Environment, Manufacturing, Transport, Health etc. resulting in opportunities and skills shortages in all these sectors, if you add into this mix the integration of physical security technology (much utilised in the military) with the more traditional cyber security technology there lies an even greater number of opportunities for our service leavers.

It is at this point I guess I must address the topic of skills training. This is a complex and significant topic that I am not going to be able to do justice to here in this short note. The Worshipful Company of Information Technologists (WCIT – where I chair the Security Panel have been working for some time to get coherence around Cyber Security and Skills including the modern day apprenticeships in cyber security. In addition there is significant work going on with regard to getting coherence in Professionalising the Cyber Security Professional and the various certifications and awards that are out there. This is important for those going through career transition in knowing what is recognised and relevant to the particular technology security career path they wish to follow. If I was to provide some advice at this point, it would be to look at the professional bodies such as the IET, BCS, ICE, IISP etc., there are many others out there and it would take too long for me to list them all and no inference should be taken by exclusion. Clearly selecting the correct training course when spending your training budget during career transition is essential and this is possibly another area that might be reviewed with regard to career transition, to ensure that the appropriate courses for the various career opportunities are identified and accredited in some way. There is also the possibility of looking at ‘accreditation of prior learning’ where military courses are given credits towards attaining accredited training certifications and academic qualifications. What I do believe is that the Digital Cyber Academy is certainly a good starting point. As someone who did a Health & Safety course for his transition and subsequently did a part time MBA at the Open University to understand how to run a business, then studied a Masters Degree in Information Security at the age of 44; I can say that the resettlement course whilst useful and at times and sometimes relevant in my work, it was not directly relevant to my ultimate career path and I suspect that this may be the same for many others, when a clear course choice for the desired career path does not exist.

As a last thought on the launch, I was very interested in a statement made by a member of the audience where he stated “I do not know how to be a civilian!”, this was followed up by a panel member who pointed out that the Military do look after our servicemen and women very well and that they are sheltered somewhat from life on the other side of the fence. Clearly if this is a widely held view by service leavers, then possibly the resettlement or career transition process needs to be reviewed as to the wider aspects of transition, not just the career path. To get a quick view for myself I went to the .GOV.UK website ( Clearly much has moved on since my own transition in the early 90’s (yes I am that old), however I did feel that much of the focus was on career transition, not necessarily transition from military to civilian life.

So in short, I believe we still have much to do in order to maximise the ability of service leavers to move into the cyber security technology sector and help reduce the skills shortage that we are currently experiencing and will continue to have for some time. I therefore offer my congratulations again to those who have worked hard to established TechVets and get it to its launch position and wish all service leavers well in their transition. If I was to offer a note of caution it would be that the TechVets initiative needs to establish itself beyond the current goodwill with a governance structure and to ensure that they avoid becoming an organisation that just feeds the larger service companies.



£25m for 5G projects on the anniversary of the UK’s Digital Strategy

On the first anniversary of its Digital Strategy, the government has today announced the winners of a £25 million competition to pave the way for a future rollout of 5G technology in the UK.

From the Orkney Islands to the West of England, the six projects led by small and medium-sized enterprises (SMEs), universities and local authorities represent the best of UK innovation, resources and expertise.

They will test 5G across a range of applications, including smart farming with drones, using the ‘Internet of Things’ (IoT) to improve healthcare in the home, increasing manufacturing productivity and maximising the future benefits of self-driving cars.

They are part of a £1 billion commitment through the Digital Strategy to keep Britain at the forefront of connectivity by accelerating the deployment of next generation digital infrastructure and driving forward new 5G business opportunities.

Margot James, Minister of State for Digital and the Creative Industries, said:

“One year on from the Digital Strategy, we are delivering on our commitments to create a Britain fit for the future, with a thriving digital economy that works for everyone.

“The ground-breaking projects announced today will help to unlock 5G and ensure the benefits of this new technology are felt across the economy and wider society.”

Each testbed will receive between £2 million and £5 million in government grants, as part of a total investment of £41m from private sector and other public sector funding, to explore new ‘fifth generation’ mobile communications technologies that use high frequency spectrum to deliver internet speeds of over a gigabit per second.

Professor Rahim Tafazolli, Founder and Director of 5GIC and leader of 5GUK Networks said:

“The 5G Innovation Centre is extremely pleased and proud to have been able to play a leading part in in supporting the DCMS UK 5G testbeds and trials programme. 5G represents a fundamental transformation of the role that mobile technology plays in society, delivering rich new services in sectors such as finance, transport, retail and health. It will drive trillions of dollars of additional activity through the world digital economy and the DCMS programme will ensure that the UK stays at the forefront of this exciting global race.”

The Digital Strategy launched in March 2017 to continually drive the UK’s connectivity, telecommunications and digital sectors, and invest in industries, infrastructure and skills. Infrastructure is also one of the key foundations of our modern Industrial Strategy, and both seek to create the conditions for the UK’s digital economy to thrive; through overcoming barriers to growth and promoting more high-skilled, high-paid jobs of the future.

A year later, there are nearly 60,000 tech businesses in the UK, we remain the number one location for tech investment in Europe and have cemented our position as a leader in some of the most innovative and strategically important digital sectors.

In particular, the UK’s fintech sector is larger than New York’s or the combined fintech workforce of Singapore, Hong Kong and Australia. Healthtech, accelerated by needs of the NHS, is also now a thriving digital sector in the UK.

Delivering on its commitments to future-proof the economy through the Digital Strategy, in the last twelve months alone the Government has:

  • Delivered more than 2.5 million free digital skills training opportunities with industry as part of the Digital Skills Partnership, with almost half a million new pledges made;

  • Reached its target for 95% of premises to have access to superfast broadband by the end of 2017;

  • Committed £75 million investment to take forward key recommendations in the independent review of AI, including a new Centre for Data Ethics and Innovation;

  • Announced the creation of new AI fellowships and funding for 450 PhD researchers to secure the UK’s leading position in the global AI market;

  • Confirmed a £21m investment in Tech Nation to establish regional hubs throughout the country, widening access to Tech City’s training, mentoring and development programmes;

  • Announced £84m to boost the skills of 8,000 computer science teachers to make sure every secondary school has a qualified computer science teacher by 2022.

  • Announced a plan to unlock over £20 billion of patient capital investment in innovative firms by doubling the annual allowance of the Enterprise Investment Scheme and the Venture Capital Trust scheme;

  • Supported and funded the Tech Talent Charter, an industry-led initiative committing over 170 industry signatories to diversity in tech;

  • Supported the creation of a fantastic environment for early stage tech businesses – there are more than 200 incubators and 160 accelerator programmes located across the UK offering a mix of funding, mentoring and training;

  • Introduced and updated the 5G strategy to deliver high quality coverage where people live, work and travel including setting out actions to ensure that mainline rail routes, major roads and connectivity ‘hotspots’ are 5G-ready.


The Digital Strategy also focuses on building and maintaining public confidence in the use of data by businesses, while ensuring the power of data can be unlocked for innovation.

Many organisations still need to act to make sure the personal data they hold is secure and they are prepared for the Data Protection Bill, which will become law on 25 May. It will give UK citizens more control over use of their data, and provide new rights to move or delete personal data.

A new campaign, led by the Information Commissioner’s Office, will prepare SMEs to be compliant with these updated laws for the digital age. It will encourage businesses to access the wealth of free help and guidance available from the ICO.

The Strategy also reflects the Government’s ambition to make the internet safer for children by requiring age verification for access to commercial pornographic websites in the UK. In February, the British Board of Film Classification (BBFC) was formally designated as the age verification regulator.

Our priority is to make the internet safer for children and we believe this is best achieved by taking time to get the implementation of the policy right. We will therefore allow time for the BBFC as regulator to undertake a public consultation on its draft guidance which will be launched later this month.

For the public and the industry to prepare for and comply with age verification, the Government will also ensure a period of up to three months after the BBFC guidance has been cleared by Parliament before the law comes into force. It is anticipated age verification will be enforceable by the end of the year.



UK’s best young cyber talents tackle cyber-attacks to win a trip to the US

Bright sparks from across the UK and Overseas Territories compete in the National Final of CyberCenturion, a cyber defence and STEM skills competition, led by global security company Northrop Grumman in partnership with government-backed Cyber Security Challenge UK and supported by the US Air Force Association. The ten finalist teams will compete in a battle against the clock, working as cyber security consultants defending against fictional live attacks, all with the hope of being crowned champions and winning a trip to the United States for their team.

The competitors will adopt the persona of the security team of a fictional gaming association that have been tasked with helping to secure the gaming industry after a spate of cyber security attacks. Helping five different fictional companies, they will use their evolving cyber security skills to identify vulnerabilities in the networks, make critical patches and defend the system against attacks.

The gaming theme was selected for the storyline as evermore games and hobbies are becoming digitalised and to help educate young people to know about the potential dangers linked to online gaming. From cybercriminals using gaming forums to exploit young people, to understanding what happens to their data when a company is hacked or knowing how to stay on the right side of the law; simple gaming cheats can fall on the wrong side of the Computer Misuse Act for example.

Oliver Dowden CBE MP, Minister for Implementation, Cabinet Office said: “As our National Cyber Security Strategy highlights, it is critically important that we develop the skills and capabilities we need to address the challenges we face. We can only succeed if we work in partnership with organisations like Northrop Grumman and the Cyber Security Challenge to inspire the next generation of cyber security professionals and entrepreneurs. It is fantastic to see so many young people take advantage of the exciting opportunities this competition brings – congratulations to them all.”

The ten finalist teams are the top performers from a series of intense qualifying rounds which took place over the last six months between with competitors from across the UK and Overseas Territories. They are competing to win an all-expenses paid trip to the US, courtesy of Northrop Grumman. There they will meet senior figures within the organisation, visit national landmarks and learn more about coding and cyber at venues such as the National Cryptologic Museum.

“Creating greater awareness of STEM and building a more diverse workforce are global imperatives, and CyberCenturion is spearheading these efforts, helping to address the urgent need to foster the cyber talent of the future,” said Andrew Tyler, chief executive, Northrop Grumman Europe.  “CyberCenturion continues to grow and provide opportunities to engage young people who are curious about technology and cyber security, and eager to put their existing skills to the test. We look forward to an exciting national finals competition.”

A key element of CyberCenturion’s success is that competitors do not need any prior experience in cyber defence; participants are provided with the training and preparation materials required. This makes the programme accessible and encourages broad participation. Diversity is critical in the profession; as the cyber threat becomes more complex, workforce diversity is important in bringing different perspectives, academic backgrounds, experience and problem-solving approaches to addressing the challenges. That’s why this year’s competition also sees the introduction of different ‘tracks’, encouraging more girls to take part and a track specifically for cadet groups as the Centurion programme is well designed to sit both in or outside of academic activities.

Colin Lobley, CEO, Cyber Security Challenge UK, said: “Competitions like CyberCenturion are critical in helping to inspire the next generation of cyber security talent and plugging the skills gap that we see in the industry today. We provide a safe and secure environment for young people to test their cyber skills, helping them to grow and learn along the way. This storyline is also extremely relevant to the age group and should help to demonstrate how cyber security is critical to them, not just the corporate world. I would encourage any young person to have a go at the competition in future, they may be surprised at what they can achieve!”

CyberCenturion aims to engage thousands of talented young individuals curious about cyber security and eager to put any existing cyber skills to the test. As a national, team-based cyber security contest, CyberCenturion is designed to address the nationwide STEM skills gap by opening up cyber security education to youth groups from every sphere of life; from cadet corps, Scout groups and Girl Guides, to school clubs and community groups. All of which will help to tackle the ever-expanding technology skills gap and inspire the next generation of digital defenders who will help keep our nation safe.

To express interest in the next CyberCenturion competition, click here. For other competitions outside of this age group, please click here.



SonicWall Cyber Threat Report Illustrates Intense Cyber Arms Race; Cyber Attacks Becoming No. 1 Business Risk

SonicWall, the trusted security partner protecting more than 1 million networks worldwide, announces research and intelligence from its 2018 Cyber Threat Report. In sum, the company recorded 9.32 billion malware attacks in 2017 and saw more than 12,500 new Common Vulnerabilities and Exposures (CVE) reported for the year.

“The cyber arms race affects every government, business, organization and individual. It cannot be won by any one of us,” said SonicWall CEO Bill Conner. “Our latest proprietary data and findings show a series of strategic attacks and countermeasures as the cyber arms race continues to escalate. By sharing actionable intelligence, we collectively improve our business and security postures against today’s most malicious threats and criminals.”

  • The annual threat report frames, compares and contrasts advances made by both cybersecurity professionals and global cybercriminals.
  • Cyber attacks are becoming the No. 1 risk to business, brands, operations and financials
  • 9.32 billion total malware attacks in 2017, an 18.4 percent year-over-year increase from 2016
  • Ransomware attacks dropped from 638 million to 184 million between 2016 and 2017
  • Ransomware variants, however, increased 101.2 percent
  • Traffic encrypted by SSL/TLS standards increased 24 percent, representing 68 percent of total traffic
  • Without SSL decryption capabilities in place, the average organization will see almost 900 attacks per year hidden by SSL/TLS encryption
  • SonicWall identifies almost 500 new previously unknown malicious files each day

“The risks to business, privacy and related data grow by the day — so much so that cybersecurity is outranking some of the more traditional business risks and concerns,” said Conner.

Security Industry Advances
Total ransomware attack volume declines.

Even with WannaCry, Petya, NotPetya and Bad Rabbit ransomware attacks stealing the headlines, the expectations of more ransomware attacks simply did not materialize as anticipated in 2017. Full-year data shows that ransomware attacks dropped from 638 million to 184 million between 2016 and 2017.

  • Volume marked a 71.2 percent drop from the 638 million ransomware attack events SonicWall recorded in 2016
  • Regionally, the Americas were victimized the most, receiving 46 percent of all ransomware attack attempts in 2017
  • Europe saw 37 percent of ransomware attacks in 2017
  • SonicWall Capture Advanced Threat Protection (ATP), a cloud-based, multi-engine sandbox, identified one new malware variant for every 250 unknown hits

SSL/TLS use increases again.
Web traffic encrypted by SSL/TLS standards made yet another significant jump in 2017. This shift has already given more opportunity for cybercriminals and threat actors to hide malicious payloads in encrypted traffic.

  • Encrypted SSL/TLS traffic increased 24 percent
  • SSL/TLS traffic made up 68 percent of total traffic in 2017
  • Organizations are beginning to implement security controls, such as deep packet inspection (DPI) of SSL/TLS traffic, to responsibly inspect, detect and mitigate attacks in encrypted traffic

Effectiveness of exploit kits impacted.
With most browsers dropping support of Adobe Flash, no critical flash vulnerabilities were discovered in 2017. That, however, hasn’t deterred threat actors from attempting new strategies.

  • SonicWall provided protection against Microsoft Edge attacks, which we observed grew 13 percent in 2017 over 2016
  • SonicWall also protects the most popular Adobe products — Acrobat, Acrobat DC, Reader DC and Reader — and we observed attacks against these applications were down across the board
  • New targeted applications (e.g., Apple TV, Microsoft Office) cracked SonicWall’s top 10 for the first time

Law enforcement turns the tide.
Key arrests of cybercriminals continued to help disrupt malware supply chains and impact the rise of new would-be hackers and authors.

  • Law enforcement agencies are making an impact by arresting and convicting malware authors and disruptors
  • Cybercriminals are being more careful with how they conduct business, including dynamic cryptocurrency wallets and using different transaction currencies
  • Cooperation between national and international law enforcement agencies is strengthening the disruption of global cyber threats

“Stabilizing the cyber arms race requires the responsible, transparent and agile collaboration between governments, law enforcement and the private sector,” said the Honorable Michael Chertoff, Chairman of the Chertoff Group, and former U.S. Secretary of Homeland Security. “Like we witnessed in 2017, joint efforts deliver a hard-hitting impact to cybercriminals and threat actors. This diligence helps disrupt the development and deployment of advanced exploits and payloads, and also deters future criminals from engaging in malicious activity against well-meaning organizations, governments, businesses and individuals.”

Cybercriminal Advances

More unique types of ransomware found in the wild.
While the total volume of ransomware attacks was down significantly year over year, the number of ransomware variants created continues an upward trend since 2015. The variant increase, coupled with the associated volume of 184 million attacks, leaves ransomware a prevelant threat.

  • Ransomware variants increased 101.2 percent in 2017
  • SonicWall Capture Labs threat researchers created 2,855 new unique ransomware signatures in 2017, up from the 1,419 published in 2016
  • Ransomware against IoT and mobile devices is expected to increase in 2018

SSL encryption still hiding cyber attacks.
Hackers and cybercriminals continued to encrypt their malware payloads to circumvent traditional security controls. For the first time ever, SonicWall has real-world data that unmasks the volume of malware and other exploits hidden in encrypted traffic.

  • Encryption was leveraged more than previous years, for both legitimate traffic and malicious payload delivery
  • SonicWall Capture Labs found, on average, 60 file-based malware propagation attempts per SonicWall firewall each day
  • Without SSL decryption capabilities in place, the average organization will see almost 900 file-based attacks per year hidden by TLS/SSL encryption

“Industry reports indicate as high as 41% of attack or malicious traffic now leverages encryption for obfuscation, which means that traffic analysis solutions and web transaction solutions such as secure web gateways each must support the ability to decrypt SSL traffic to be effective,” wrote Ruggero Contu and Lawrence Pingree of Gartner.*

Malware cocktails mixing things up.

While no single exploit in 2017 rose to the level of darknet hacker tools Angler or Neutrino in 2016, there were plenty of malware writers leveraging one another’s code and mixing them to form new malware, thus putting a strain on signature-only security controls. SonicWall Capture Labs uses machine-learning technology to examine individual malware artifacts and categorizes each as unique or as a malware that already exists.

  • SonicWall collected 56 million unique malware samples in 2017, a slight 6.7 percent decrease from 2016
  • Total volume of unique malware samples in 2017 was 51.4 percent higher than 2014

Chip processors, IoT are emerging battlegrounds.
Cybercriminals are pushing new attack techniques into advanced technology spaces, notably chip processors.

  • Memory regions are the next key battleground that organizations will battle over with cybercriminals
  • Modern malware writers implement advanced techniques, including custom encryption, obfuscation and packing, as well as acting benign within sandbox environments, to allow malicious behavior to remain hidden in memory
  • Organizations will soon need to implement advanced techniques that can detect and block malware that does not exhibit any malicious behavior and hides its weaponry via custom encryption

“Sandbox techniques are often ineffective when analyzing the most modern malware,” said SonicWall CTO John Gmuender. “Real-time deep memory inspection is very fast and very precise, and can mitigate sophisticated attacks where the malware’s most protected weaponry is exposed for less than 100 nanoseconds.”

In addition to these findings, the 2018 SonicWall Annual Threat Report also identified best practices and security predictions for 2018, which are discussed in detail in the full report. To download the complete report, please visit

For current cyber attack data, visit the SonicWall Security Center to see latest attack trends, types and volume across the world.

*Gartner, “Competitive Landscape: Secure Web Gateways,” Ruggero Contu, Lawrence Pingree, 12 September 2017.

About the SonicWall Capture Threat Network

Data for the 2018 SonicWall Cyber Threat Report was gathered by the SonicWall Capture Threat Network, which sources information from global devices and resources including more than 1 million security sensors in nearly 200 countries and territories; cross?vector, threat?related information shared among SonicWall security systems, including firewalls, email security, endpoint security, honeypots, content-filtering systems;  SonicWall Capture Advanced Threat Protection multi?engine sandbox; and SonicWall’s internal malware analysis automation framework.



Fortinet Threat Landscape Report Reveals Attacks Per Firm Increased by 82%

Swarm Cyberattacks Target the Internet of Things (IoT) with Growing Intensity

Phil Quade, chief information security officer, Fortinet

“The volume, sophistication, and variety of cyber threats continue to accelerate with the digital transformation of our global economy. Cybercriminals have become emboldened in their attack methods as they undergo a similar transformation, and their tools are now in the hands of many. The stark reality is that traditional security strategies and architectures simply are no longer sufficient for a digital-dependent organization. There is incredible urgency to counter today’s attacks with a security transformation that mirrors digital transformation efforts. Yesterday’s solutions, working individually are not adequate. Point products and static defenses must give way to integrated and automated solutions that operate at speed and scale.”

Fortinet® (NASDAQ: FTNT), has announced the findings of its latest Global Threat Landscape Report. The research reveals that attacks per firm increased over the previous quarter. In addition, automated and sophisticated swarm attacks are accelerating making it increasingly difficult for organizations to protect users, applications, and devices. For a detailed view of the findings and some important takeaways for CISOs read the blog. Highlights of the report follow:

Swarm Cyberattacks Increase in Volume, Variety, and Velocity

The sophistication of attacks targeting organizations is accelerating at an unprecedented rate. Digital transformation isn’t just reshaping business, cybercriminals are leveraging the expanding attack surface it creates for new disruptive opportunities to attack. They are implementing newer swarm-like capabilities while simultaneously targeting multiple vulnerabilities, devices, and access points. The combination of rapid threat development combined with the increased propagation of new variants is increasingly difficult for many organizations to combat.

  • Unprecedented Volume: An average of 274 exploit detections per firm were detected, which is a significant increase of 82% over the previous quarter. The number of malware families also increased by 25% and unique variants grew by 19%. The data not only indicates growth in volume, but also an evolution of the malware as well. In addition, encrypted traffic using HTTPS and SSL grew as a percentage of total network traffic to a high of nearly 60% on average. While encryption can certainly help protect data in motion as it moves between core, cloud, and endpoint environments, it also represents a real challenge for traditional security solutions.
  • IoT Attack Intensity: Three of the top twenty attacks identified targeted IoT devices and exploit activity quadrupled against devices like WiFi cameras. None of these detections were associated with a known or named CVE, which is one of the troubling aspects of vulnerable IoT devices. In addition, unlike previous attacks, which focused on exploiting a single vulnerability, new IoT botnets such as Reaper and Hajime can target multiple vulnerabilities simultaneously. This multi-vector approach is much harder to combat. Reaper’s flexible framework means that, rather than the static, pre-programmed attacks of previous IoT exploits, Reaper’s code is easily updated to swarm faster by running new and more malicious attacks as they become available. Demonstrating its swarm abilities, exploit volume associated with Reaper exhibited a jump from 50K to 2.7 million over a few days before dropping back to normal.
  • Ransomware Still Prevalent: Several strains of ransomware topped the list of malware variants. Locky was the most widespread malware variant and GlobeImposter followed as the second. A new strain of Locky emerged, tricking recipients with spam before requesting a ransom. In addition, there was a shift on the darknet from only accepting Bitcoin for payment to other forms of digital currency such as Monero.
  • Cryptocurrency Mining on the Rise: Cryptomining malware increased, which seems to be intertwined with the changing price of Bitcoin. Cybercriminals recognize the growth in digital currencies and are using a trick called cryptojacking to mine cryptocurrencies on computers using CPU resources in the background without a user knowing. Cryptojacking involves loading a script into a web browser, nothing is installed or stored on the computer.
  • Sophisticated Industrial Malware: An uptick in exploit activity against industrial control systems (ICS) and safety instrumental systems (SIS) suggests these under-the-radar attacks might be climbing higher on attackers’ radar.  An example is an attack codenamed Triton. It is sophisticated in nature and has the ability to cover its tracks by overwriting the malware itself with garbage data to thwart forensic analysis. Because these platforms affect vital critical infrastructures, they are enticing for threat actors. Successful attacks can cause significant damage with far-reaching impact.
  • Attack Variety: Steganography is an attack that embeds malicious code in images. It’s an attack vector that has not had much visibility over the past several years, but it appears to be on the resurgence. The Sundown exploit kit uses steganography to steal information, and while it has been around for some time, it was reported by more organizations than any other exploit kit. It was found dropping multiple ransomware variants.

Fighting Swarm Attacks Requires Integrated Security

The threat data in this quarter’s report reinforces many of the predictions unveiled by the Fortinet FortiGuard Labs global research team for 2018, which predicted the rise of self-learning hivenets and swarmbots on the horizon. Over the next couple of years, the attack surface will continue to expand while visibility and control over today’s infrastructures diminish. To address the problems of speed and scale by adversaries, organizations need to adopt strategies based on automation and integration. Security should operate at digital speeds by automating responses as well as applying intelligence and self-learning so that networks can make effective and autonomous decisions.

Report Methodology
The Fortinet Global Threat Landscape Report is a quarterly view that represents the collective intelligence of FortiGuard Labs drawn from Fortinet’s vast array of sensors during Q4 2017.  Research data covers global, regional, industry sector, and organizational perspectives. It focuses on three central and complementary aspects of that landscape, namely application exploits, malicious software, and botnets. It also examines important zero-day vulnerabilities and infrastructure trends to add context about the trajectory of cyberattacks affecting organizations over time. To complement the report, Fortinet publishes a free, subscription-based Threat Intelligence Brief that reviews the top malware, virus, and web-based threats discovered every week, along with links to that week’s most valuable Fortinet research.