Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
We do not use cookies of this type.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
We do not use cookies of this type.
Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
We do not use cookies of this type.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
We do not use cookies of this type.
Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.
We do not use cookies of this type.
Take the partners Jisc and BT Group, both are completely exposed to cybercrime due to exposed and insecure Internet Assets and DNS. This surely raises pressing questions about the program’s efficacy as both contribute substantially to the UK’s security exposure.
Jisc, responsible for technology and connectivity in educational institutions, and BT Group, managing phone lines for the majority of UK households, inadvertently by default, expose every child and household (unknowingly) to significant cyber risks.
Their demonstrable vulnerabilities in managing their own Internet Assets and DNS undermine the very essence of what ‘Share and Defend’ aims to achieve.
This paradox is troubling. How can a program be expected to secure national cyber infrastructure when its foundational partners struggle with basic security principles?
This situation casts doubt on whether ‘Share and Defend’ can be more than a reactive platform. Instead of preemptively fortifying defenses, it risks merely responding to breaches and partial information after the damage is done.
In a landscape where proactive defense is paramount, relying on entities with a track record of security lapses to lead the charge is a perilous strategy. The NCSC and UK Government would be wise to reevaluate their approach, ensuring that the partners are not only contributors but exemplars of robust cybersecurity practices.
Only then can we hope that ‘Share and Defend’ transforms from a reactive measure into a proactive bulwark against cyber threats.
FBI Cyber Division | Federal Bureau of Investigation (FBI) | The White House | National Cybersecurity Coordination Center (NCSCC)