The US could learn from the UK’s NCSC

The UK’s NCSC is their National Cyber Security Centre (you can tell it’s English because of the spelling of ‘Centre’). Each year (with COVID year exceptions) they put on a conference focused on real tactics for companies to be more cybersecure. As a cybersecurity professional, I have had the chance to attend a few CyberUK conferences and they are great! They are not BlackHat and don’t try to be. They are less interested in the cool new hacks and more interested in securing the nation.

The UK has a very real reason for investing in security awareness. In May of 2017, a worldwide attack of ransomware called WannaCry hit the National Health Service in England and Scotland. The ransomware infected up to 70,000 devices in 200 NHS hospitals and forced the health system to nearly shut down. For a time, only critical emergencies were being handled, everything else was postponed.

The US approach to business support is focused on large corporations and critical infrastructure. To be sure, both are important but it leaves the small-mid sized companies to fend for themselves. Leaving these companies to find their own solution is a mistake, in my opinion, because they represent 70-80% of the US economy and they usually don’t have the resources to bring cybersecurity talent in-house.

The UK approach to cybersecurity is about public education about how to protect yourself and your company. The message from the US government is about notifying the government if you see or experience anything. One is proactive and one is reactive. We should do better!

Those that know me understand that I have a passion for small business. I understand the challenges of running a small business and know that cybersecurity is really low on their priorities list. Making payroll is far more important. I get that! However, don’t use ‘I’m not big enough to be interesting’ or ‘I don’t have any information to protect’ as an excuse. You are and you do! You may not choose to deal with it but you should be aware that YOU ARE a target and your data is probably MORE VALUABLE then you realize.

• Author
• Recent Posts

Follow me

Paul Bergman

CEO at Tracc Development, Inc.

Paul Bergman runs a business strategy and cybersecurity consulting company in San Diego. He is also CEO of a mentoring non-profit in San Diego, Lamp of Learning. He writes on cybersecurity and board management for both corporate and nonprofit boards.

Follow me

Latest posts by Paul Bergman (see all)

• The Imperative for Cyber Talent on Corporate Boards - March 29, 2024
• Talking CMMC preparation - March 12, 2024
• Protecting Your Business: Strategies to Combat DNS Attacks - February 20, 2024