The digital pandemic: cyber-security in the era of COVID-19
COVID-19 has presented a huge challenge to governments around the world – but that’s not the only virus worrying civil servants. Since the pandemic began, there’s been an explosion of cyber crime: the UK’s National Cyber Security Centre tackled 15 times more online scams in 2020 than 2019, while global analysts Canalys estimate that more data records were compromised in 2020 than during the previous 15 years put together. What’s more, as Interpol has warned, civil service bodies are right on the frontline: during the pandemic, there’s been a “significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure.”
In many countries, the ageing legacy systems underpinning public services have long presented a weak point in governments’ cyber defences. Over the last two years, pandemic-related services have created new opportunities for cyber-criminals – including fraudulent government loan applications and medical procurement scams. And with civil servants working from home, some departments’ security protocols and cyber defences are working less effectively. In the face of a rising tide of phishing scams, ransomware, data-harvesting malware, malicious domains and fake apps, senior leaders must ensure that their staff have the right equipment, knowledge and training to avoid becoming the cyber-criminals’ latest victim.
At this Global Government Forum webinar, senior leaders from the worlds of public sector digital, cyber-security and crime prevention explained the changing nature of the threat, advise on how civil servants can best protect themselves and their organisations, and answer questions from the live audience. Aimed at digital leaders, service owners and team managers in governments around the globe, the webinar presented both practical guidance, and a discussion of how civil servants can work together to bear down on this fast-expanding threat.
Panel
Thomas Millar, Senior Advisor, Cybersecurity Vulnerability Management, Cybersecurity and Infrastructure Security Agency (CISA), U.S. Department of Homeland Security
Mr. Millar has served in CISA for 10 years, working to strengthen the agency’s information sharing capabilities, increasing the level of public, private and international partner engagement, and supporting initiatives to improve information exchange by both humans and machines, such as the standardization of the Traffic Light Protocol and the development of the Structured Threat Information eXpression. Prior to his cybersecurity career, he served as a linguist with the 22nd Intelligence Squadron of the United States Air Force. Mr. Millar holds a Master’s of Science from the George Washington University and is a Distinguished Graduate of the National Defense University’s College of Information and Cyberspace.
Eleanor Fairford, Deputy Director, Incident Management, National Cyber Security Centre, UK
A generalist civil servant for the past 19 years, Eleanor has undertaken a range of policy and security roles, at home and overseas, in immigration, security policy and corporate services. Eleanor previously led cyber threat assessment in NCSC and now heads up the Incident Management function where she is responsible for managing the NCSC response to nationally significant incidents that hit the UK
………………………………………………………………………………………………………………………………………………………………………….
Martin Indrek Miller, Lead Cyber Security Advisor at EU Cyber Resilience 4 Development Project, Estonian Information System Authority
Mr Miller assumed the duties of Lead Cyber Security Advisor of the EU Cyber Resilience 4 Development Project in the spring of 2018. His main role is to advise and assist developing countries from Asia to Latin America on creating national cyber security strategies, action plans, incident response capabilities, international collaboration for knowledge and information sharing. From 2015 to 2018, he served as a principal Risk Manager at the Cybersecurity branch of the Estonian Information System Authority, responsible for whole of government and nation-wide cyber risk assessments, as well as information security trainings for government officials. Between 2007 and 2012, Mr Miller held different positions at one of Estonia’s biggest banks Swedbank, including IT auditor and head of IT Risk Management department, contributing to the creation of Swedbank Group wide IT security requirements. From 2005 to 2007 Mr Miller worked at Deloitte Audit as IT auditor, mainly focusing on Telecommunication and Financial services providers operating in the Baltic countries. He started his career as IT technician and worked his way up to IT manager position in one of the largest electronic components and computer network equipment providers in Estonia at the time.
Eric Belzile, Director General, Incident Management and Threat Mitigation, Canadian Centre for Cyber Security
Eric Belzile is Director General, Incident Management and Threat Mitigation at the Canadian Centre for Cyber Security, part of Communications Security Establishment. He is responsible for the entire incident management lifecycle, which includes the operations of the Cyber Centre Contact Center, the National CSIRT, and the monitoring and response to cyber incidents for the Federal Government and Critical Infrastructures in Canada. He is also responsible for monitoring the evolution of cyber threats against Canada and producing Cyber threat assessments and trending reports.
Eric started his career in the Public Service in 1989. Previously at Shared Services Canada, he consolidated the security operations services to create the Government of Canada Security Operations Center (SOC) and Vulnerability Management Program. Eric holds a Bachelor’s degree in Informatics-Mathematics from Laval University and a Master’s degree in Management from the Université du Québec en Outaouais.
David Carroll, Managing Director, Nominet Cyber
A security practitioner for over 25 years, David has experience in both military and commercial roles. He began his career in the British Army and is now Managing Director of Nominet Cyber. Nominet Cyber delivers Protective DNS services on behalf of the National Cyber Security Centre (NCSC) and Australian Cyber Security Centre (ACSC), protecting millions of public sector workers and helping to improve national cyber resiliency.
……………………………………………………………………………………………………………………………………………………………………………………………………
Webinar chair: Siobhan Benita, former UK senior civil servant
Siobhan Benita was a senior civil servant with over 15 years’ Whitehall experience. She worked in many of the major delivery departments, including Transport, Environment, Health and Local Government. She also had senior roles at the heart of Government in the Cabinet Office and HM Treasury, including supporting the then Cabinet Secretary, Lord O’Donnell to lead work on Civil Service reform and strategy. Siobhan left the Civil Service to run as an independent candidate in the Mayor of London election. She subsequently joined her alma mater, Warwick University as Chief Strategy Officer of Warwick in London and Co-Director of the Warwick Policy Lab.
