Olly Whitehouse, CTO of the National Cyber Security Center (NCSC), argues that the technology market needs to be further stimulated to develop cyber-secure products.
Businesses around the world know how to build resilient and secure technology, but the market is changing He said there was no incentive for him to do so.
“Value and cost remain the main drivers of the market, and that's the enemy of cybersecurity,” he said.
Whitehouse said there are three main issues that the security technology market should consider. First, what do we want to achieve over the next 10 years with cyber resilient technologies? Second, how do we get there in an evidence-based way? Finally, how do we increase market incentives to achieve that objective?
In addition to criticizing the market, he cited known vulnerabilities in security products as a major problem, saying there are a variety of adversaries that are accumulating vulnerabilities.
He also said that the claimed security benefits of a solution are not necessarily realized in practice, either as a standalone solution or as an operational solution.
“Our claims do not match reality,” he said.
“The challenge before us is the high horse of states with strategic intentions and the high horse of criminals seeking financial gain. We can't choose, because we have to be able to face both with confidence,” Whitehouse added.
Since being appointed to the CTO role in October 2023, his priorities include Active Cyber Defense 2.0, a service designed to disrupt, degrade and deter adversaries. I said that there is.
“This will buy me time to play against a certain class of actors while chasing important roles,” he said.
The next goal is to obtain evidence of the security of the technology, confirm the effectiveness of real-world defenses, and understand that humans only have a certain amount of security budget to spend on cyber.
He said the limited budget available “needs to be spent very wisely.”
