Travels of a Foundry PI
Blog Post by Dr Daniel Dresner (University Of Manchester)
St Georges House – MHCLG Round Table Workshops – Windsor- 11 June 2019
By invitation of the Head of National Cyber Security Programme – Local, Phil Swan (GMCA) and I gave a presentation about the Greater Manchester Cyber Security Ecosystem with a focus on the Cyber Foundry. The session was attended by local government representatives including organisations like the LGW, SOLACE, and SOCITM. The purpose was to encourage other regions to employ the collaborative and cooperative approach that is growing in Greater Manchester and the opportunities it’s bringing to the digital industries and beyond.
IFSEC Expo – London – 20 June 2019
This annual expo is mainly focused on physical security and with some exceptions, gives scant attention to cyber security in the products on display. An exception is the annual ‘Converged Security Centre’ where I was invited to a session to be the ‘expert in residence’. Here, I was able to demonstrate how the Foundry goes beyond an online protection initiative by exemplifying the enabling qualities of cyber security. The freedom provided by robust Cyber Security gives SMEs the wherewithal to take ideas forward that would be constrained by conventional business methods.
As a panel member in the ‘Tackling the Cyber Security Threat’ session, I lamented how exhibitions are where ‘new and shiny’ reigns. One of my colleagues from information security specialists The IASME Consortium stalked the IFSEC exhibition halls carrying out a straw poll of vendors regarding the ‘internal’ security of their Internet-connected devices. The result should have set the breach-detection alarms around the stands ringing… He found only one product where basic security practices – such as the ability to update the devices when inevitable flaws in the software create security vulnerabilities – appeared to have been accounted for. The panel didn’t even get as far as discussing the need to heal the security-privacy rift that has our adversaries sniggering as they wander past organisational arrogance to help themselves to data to weaponise for their crimes. I was shocked by one self-confessed entrepreneur who admitted – rather like Lehrer’s Werner Von Braun parody – that the IoT security of security products is for someone else to worry about in the ‘next generation’; the opportunity is for him to sell product now, however flawed. Some rather more reliable types are addressing ‘converged security’. This became the ideal opportunity to point out that the recklessness of this entrepreneur did not have to be the benchmark – the Cyber Foundry has created a methodology for SMEs to get innovation to market without compromising the security of the customers who are drawn to the products.
Launch of GCHQ North – 8 July 2019
GCHQ Director Jeremy Fleming and Leader of Manchester City Council Sir Richard Leese officially launched the Northern branch of GCHQ at a reception in the city centre. This was attended by business big and small, academe, law enforcement, other public sector representatives and faith leaders. The Foundry was well represented by some of the academics and business partners involved.
It was mostly a social opportunity to meet GCHQ staff in a relaxed setting and we took the opportunity to appraise then of the innovative approach the Foundry is taking to bring Cyber Security to a diverse cohort of SMEs.
Chartered Institute of information Security Congress– Birmingham – 11 July 2019 I co-chaired the Speaker Track at the well-attended iisp.org/live. Inaugural congress of the newly Chartered Institute of Information Security. Introducing each speaker gave me the opportunity to build up to promoting the Cyber Foundry. The revelation being that after a day of talks about what to do and what not to do to protect business on-line, the Foundry has a special place as an exemplar for embracing cyber security as an enabler. The Foundry is realising the vision that Cyber Security is a force for good – businesses can be innovative on-line without unduly risking the wrong side of disruption.