Wales is a powerhouse for tech innovation and is often referred to as ‘The Silicon Valleys’ due to it’s world-class cyber credentials. According to the 12 Clusters Report released at London Tech Week 2021, Wales is a leading cyber hotspot, home to 400 SME’s, 9 primes, 7 academic research centres and a plethora of defence organisations and government agencies.
The Welsh tech sector employs a workforce of 40,000 people contributing £8.5bn (12%) to the country’s economic output. Wales is powerful in that it’s already home to mature clusters across the three key digital agendas; Cyber, Data and FinTech where many other areas of the UK are still harbouring a signal of intent. As well as this, Wales is tightly connected and has a strong ability to respond quickly and grow as a collective. This connectivity is helped by organisations such as Cyber Wales who have over 2500 members 900 organisations and host over 100 meetups per year.
As well as home grown talent, The United States was Wales’s largest inward investor in 2019, with around 320 US-owned companies based in Wales employing almost 50,000 people. Wales also has strong ties with Canada and home to 40 Canadian-owned companies in 2019, employing over 6,000 people.
As part of Cyber Security Awareness Month, we’ve caught up with Pete Burnap, Professor of Data Science & Cyber Security at Cardiff University & Director of the Cardiff Centre for Cyber Security Research and Damon Rands, CEO and Founder of Wolfberry Cyber Security. It’s worth mentioning that last year Wolfberry were named the most ‘Innovative Cyber Security Business in the UK’ by LiveWire and with over 23,000 nominations, this win was no mean feat.
Read on to hear more from Pete and Damon as we ask how the landscape has evolved over the past two years, what makes Wales such an exciting place in regard to cyber security and as a business owner, what are tangible first steps in the world of cyber security.
How has the Cyber Security landscape changed over the past two years?
Pete Burnap: The rapid shift to home working was a complete nightmare from a cybersecurity perspective. Overnight, businesses needed to connect from their home networks into their corporate networks which many SMEs were not ready for. This would have been a challenge, even for large organisations, especially around keeping up with the patching and the security-related issues of remote working not to mention data transfer and so on.
Fortunately, lots of companies had already migrated to the cloud which helped because this meant that data was already stored in secure and centralised cloud environments. That’s been a big issue and will continue to be as we move towards blending working. We need to be able to incorporate multiple and diverse environments into corporate risk assessments and security policies as that perimeter of the enterprise is now gone.
The second way it’s changing is the move towards autonomy. We have more and more systems being controlled through AI or data-driven decisions. This can be seen through self-driving vehicles and educational, employment and social decisions being made by AI-based systems. The mistake tends to be where we invent new technologies and secure them later.
There’s a real challenge around securing these automated systems before they are rolled out rather than trying to fix them later. As you can imagine, an autonomous system going down is likely to be more problematic than one where there’s multiple offline options or human based options. This isn’t to say that we will be moving to a fully autonomous world anytime soon, but as we move that way, we need to be thinking about how to secure that by design.
What’s a good starting point for business owners looking to improve their Cyber Security?
Damon Rands: One of the difficulties for businesses and individuals in starting to take control of cyber security is, where do you start? It's a simple one, you start by understanding what you have. Whether that’s you as an individual or as a business. Where do you store your data? How do you protect your data? Once you understand that, you can start to wrap appropriate controls around it.
For example, for individuals working from home, use one cloud provider that you can wrap appropriate controls around. Make sure that you use things like two factor authentication. This simply means that you use your mobile phone to authentic who you are if you are logging in on a different device. These seemingly simple actions make it much harder for cyber criminals.
Another simple way to improve your security is to use a good password manager to protect and keep a record of passwords. These will often generate long and secure passwords and store them in a central and secure space that’s easily accessible to you.
Wales is known for its Cyber Security Cluster – what makes Wales an exciting place for the industry?
Pete Burnap: There are some really exciting things happening in this space in Wales. We have a number of large primes in South Wales to include Airbus, Tallis, PWC, BA Systems etc. They all have a presence here and naturally, that leads to large employment and the attraction of talent to the region.
We have seen significant areas of growth in these companies recently and the opportunity to move to the region and potentially be able to move between these various high-profile companies is an attractive prospect. There’s huge scope for professional growth within this industry in Wales.
We are also growing in recognition across our universities. Cardiff University is being recognised as a Centre of Excellence for Cyber Security Research and University of South Wales is being a recognised Centre of Excellence for Cyber Security Education. This kind of activity acts as a magnet for companies large and small looking to move to the region.
Last week, Wolfberry performed a live hack at Tramshed Tech which you can learn more about and watch here.
If you’re interested in learning more about Cardiff Centre for Cyber Security Research, head here. #BeCyberSmart