Costly cyber incidents — like the recent disruption at Jaguar Land Rover — keep mounting in the U.K. as the government delays introducing cyber regulations that would require businesses to better protect themselves from attacks, experts say.
https://therecord.media/cyberattack-jaguar-land-rover-economic-growth-uk-government
The disruption is the latest to hit a high-profile brand in the United Kingdom, and follows repeated delays in the British government introducing cybersecurity regulations that would require businesses to better protect themselves from attacks.
“Those six weeks were the most concerning, scary of my career in government,” he reflects.
“A few weeks after NotPetya, I was at a kids’ summer party – my kids were at that age where they’d been invited to a party – and I got a call from Downing Street. It was ‘It’s happening again, (Heathrow) Terminal 5’s down...’”
Very pleased to share my interview with @ciaranmartin which has just gone live at The Stack.
Not only does Ciaran have many interesting things to say about cyber, AI and his time at the NCSC (Hi, WannaCry) - it's my first named byline* since going freelance. :)
*I have done plenty of writing these last few months, but as a ghostwriter. Really pleased to see my byline out there again.
https://www.thestack.technology/the-big-interview-ciaran-martin-founding-head-of-the-ncsc/
Another new episode of the SANS Institute Cyber Leaders podcast!
This one has Ross McKerchar of Sophos talk to me and James Lyne about one of the most audacious private sector counter cyber operations of all time, against a Chinese threat group.
He also talks very thoughtfully about the role of a CISO, especially where it's existential in a company like his.
The two topics are so different James and I had to improvise an ad break in between. I apologise in advance (what I’m talking about will become clear when you listen 😂)
Enjoy and keep cybering!
https://www.sans.org/podcasts/cyber-leaders/inside-pacific-rim-ross-mckerchar-11/
This looks like a significantly richer dataset than that at issue with Marks and Spencer and the Coop
“In the end, the Ten Commandments are nothing more than a non-binding, voluntary code of practice. But as a set of guidelines as to how to conduct yourself, they’ve proved pretty effective and enduring. So we shouldn’t always belittle voluntary non-binding efforts to establish norms in cyberspace”
Thus spoke David Koh, head of the Cyber Security Agency of Singapore (CSA), whom I had the privilege of hosting at Blavatnik School of Government, University of Oxford on Friday afternoon. It was one of many brilliant, often one-line insights into the challenges faced by his powerhouse city state that straddles the two technosphere superpowers of the west and east.
This was the third session of the Oxford Cyber and Tech Policy Programme and attracted a big crowd, brilliantly as always put together by my fab colleague Brianna Rosen.
The full video will follow later
Completely missed that last week France - the last holdout - has started publicly attributing cyber attacks
France condemns in the strongest terms the use by Russia's military intelligence service (GRU) of the APT28 attack group, at the origin of several (…)
Only two days till I welcome the great David Koh to Oxford!
Here’s how to sign up, if you want to come in person or remotely
https://www.bbc.co.uk/iplayer/episode/m002bvd2
The UK’s hackashopathon rumbles on.
I was on BBC Breakfast TV trying to explain helpdesk social engineering to gain access to privileged user accounts at about 31 minutes and 40 seconds in
UK NCSC advice on advanced encryption gets a positive review from Bruce Schneier
https://www.schneier.com/blog/archives/2025/05/ncsc-guidance-on-advanced-cryptography.html
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation. It’s full of good advice. I especially appreciate this warning: When deciding whether to use Advanced Cryptography, start with a clear articulation of the problem, and use that to guide the development of an appropriate solution. That is, you should not start with an Advanced Cryptography technique, and then attempt to fit the functionality it provides to the problem. ...