15 Oct 15. White House Backs Off Encryption. In a victory for tech firms, the Obama administration will not force firms to breach the security of their products in order to provide information to law enforcement. The decision comes after a year after encryption introduced on iPhones and some Android phones sparked a debate between law enforcement and tech companies over access to phone data. With iOS 8, most data stored on the phone and communications over services like iMessage were encrypted in a way that only users could access it — not even Apple could.
FBI director James Comey then sounded the alarm that phone encryption would prevent law enforcement from accessing crucial information, warning “going dark” would derail crucial investigations. However technologists argued creating a so-called “back door” for law enforcement would create a security vulnerability that could be exploited by hackers and spies.
Comey signaled the administration was backing down in a Congressional hearing this week when he said the White House would not seek legislation to require companies to provide so-called “back doors” for law enforcement officials to access encrypted data. But on Saturday the New York Times reported the White House’s position goes even further. The White House will continue to require tech companies to cooperate with law enforcement, but the administration will not require them to exploit the security of their own products.
Intelligence agencies and law enforcement will now be reliant on work-arounds for encryption. They can seek data backed up to the cloud or unencrypted forms of communication through service providers, such as records of phone calls. They can also attempt to compel phone owners to turn over their passcodes.
The White House’s position represents a victory for privacy advocates in the wake of the disclosures of government contractor Edward Snowden about the surveillance practices of the National Security Agency. But the decision will likely draw anger from intelligence agencies as well as some lawmakers. Recently, Senate Judiciary Committee Chairman Chuck Grassley wrote a letter to the White House criticizing it for not taking a strong stance on encryption.
Still the New York Times report says tech firms do not think the administration has done enough. They are calling for the White House to release a clear statement it can bring to China and Europe, where government officials are threatening to ban encrypted devices or require companies to provide back door access. (Source: Cyber Security Intelligence/Techcrunch)
20 Oct 15. Attract and Retain Great Cyber Security Talent. A growing need for cyber-security organisations to recruit the best and brightest to defend governments, organisations and businesses from attack has meant that the market for university graduates in the cyber-security sector has expanded rapidly over the last few years.
According to UK government figures, the UK cyber-security sector is worth more than £6bn and employs 40,000 people. In addition to national demands, the cyber export market grew from £850m to more than £1bn during 2013, and is expected to reach £2bn by 2016. All this investment is to tackle the growing ‘business’ of cyber-crime – an example of which can be seen in GOV.UK’s recent findings that 81 percent of large corporations reported a cyber-breach in 2014, with an estimated cost to organisations between £600,000 to £1.15m per attack
BAE Systems Applied Intelligence have significantly stepped up their graduate recruitment programme in recent years, in recognition of the need for the UK to foster talent within the cyber-security sector if we are to tackle cyber-crime effectively. For example, in 2014, over a third of BAE Systems’ graduate intake – around 120 out of 287 – joined BAE Systems Applied Intelligence, to help companies and organisations protect themselves and their customers from fraud, cyber-attack and digital criminality. To achieve these solid gradu