Cabinet Office
Thank you.
Im delighted to be here in Belfast.
Last years CyberUK was held in Wales, and in the years before that, in Scotland and in England.
So its great to complete the full Union set with Northern Ireland - and its yet more proof that we have strong cyber talent in every corner of our country.
Now, Belfast is clearly a very popular destination right now. You had President Biden visiting last week, along with the Prime Minister.
The Clintons yesterday.
The Prime Minister liked it so much hes back again this week.
And me today - lucky you.
But of course this city was a natural choice to hold a cyber conference: It has become a global hotspot for cyber and tech companies - including IBM Security, Microsoft and Nvidia
and were meeting at a very interesting time for cyber in the UK.
Interesting because we have a Prime Minister and a government that is deeply passionate about science and tech, and has put it front-and-centre of our agenda.
Interesting because we have a thriving tech sector to match, and because government and industry are building a strong partnership including through the new National Cyber Advisory Board, which I am co-chairing again this afternoon with Sharon Barber from Lloyds.
But its also an interesting time because of the world we live in today.
The last time CyberUK was held, last May, attendees were gathering in the shadow of Russias unprovoked invasion of Ukraine.
And the brutal reality is that a year on, we continue to live in a more dangerous, more volatile world - one that has far-reaching consequences for the British people.
Now thats partly a consequence of Russias aggression.
Its partly because of the growing economic coercion of other countries.
And its also because of the way that climate change and technology continue to transform and disrupt our world.
All of those things are putting our systems under more pressure than ever before.
And so in Government, we are devoting a lot of time and energy on how we can improve our overall resilience of the Government in the face of those and future challenges.
Now many of you will have seen that a few weeks ago the government published a refresh of our defence and national security strategy - the Integrated Review - setting out how we intend to fortify our national defences against the challenges both today and tomorrow.
And its something the Prime Minister has asked me to lead on at the Cabinet Office - particularly when it comes to economic security and bolstering our national resilience.
So I wanted to use this opportunity to take you through how that applies to cybersecurity;
where I think we are as a country;
and what the government intends to do to make sure we stay ahead of our adversaries every step of the way.
THE CYBER THREAT
Its been a couple of months since the world was gripped by the progress of that Chinese balloon floating across the skies of the United States.
Now Im sure you will recall, that spy balloon dominated the headlines because it was a very visible symbol of Americas borders being breached by an uninvited guest.
And yet every day, a combination of criminals, spooks, hacktivists and cyber soldiers silently and invisibly breach our digital defences - both in the UK and in the rest of the world.
And we saw it earlier this year with Royal Mail, when a ransomware attack disrupted overseas deliveries for weeks.
And last August when an attack on a third party supplier caused severe disruption to NHS 111.
So what does the overall cyber threat to the UK look like today?
Well, according to the latest assessments from the National Cyber Security Centre, the most acute state threats in cyberspace continue to come from those usual suspects - Russia, China, Iran and North Korea.
The NCSC are also devoting a lot of their energy today to defending democracy
including by tackling threats against both the Conservative Party leadership contest last year and the recent Scottish National Party leadership contest - both of which took place online.
And there is another new front opening, as we see more and more adversaries able to buy and sell sophisticated cyber tools and spyware like Pegasus.
These are the types of tools that we used to only see in a handful of powerful state actors, and which can cause serious damage.
So its something we are taking very seriously, and to which we are responding with our international partners.
Meanwhile, cyber crime is estimated to cost the UK billions of pounds each year.
According to new figures published today, 32% of UK businesses and charities suffered a cyber breach or attack in the past year.
That is a third of our businesses.
And ransomware continues to run rampant.
And as President Biden rightly recognised a few weeks ago, thanks to its scale and impact, ransomware is no longer just a crime.
It is a national security threat - and our response needs to reflect the severity of that threat.
These are attacks on our citizens, our businesses and our democracy. They are an attempt to undermine our society.
And we are determined to stop them, with your help.
GOVERNMENT RESPONSE
In the UK we grasped the need for urgent action early, and weve been doing a lot over the past few years to strengthen our cyber defences.
We have published the National Cyber Strategy
and we have a new and effective cyber sanctions regime, which we recently used for the first time against a group of Russian cyber criminals as part of a joint campaign with the United States.
And we are working closely with international partners to tackle the proliferation of sophisticated commercial cyber tools.
At the same time, the government itself continues to face a range of attacks, including ransomware and espionage - and so we are constantly looking to strengthen our cyber defences.
As part of that, today, I can announce that we are launching GovAssure, a transformational new cyber regime for the whole of government.
GovAssure will be rolled out across Whitehall. It will be used to assess every departments cyberhealth on an annual basis, against stringent new measures
so that government can better identify the risks we face, and make sure we are protecting systems that help us run public services.
So with each day, as the threat evolves, so does our response.
NCSC THREAT ALERT
But a new adversary has emerged.
Over the last 18 months, the National Cyber Security Centre has seen the rise of several Russian-aligned groups sympathetic to Putins invasion of Ukraine.
Now these are fringe state threats - the cyber equivalent of the Wagner group - and initially these groups focused their attacks on Ukraine and the surrounding region.
But recently, they have begun to turn their attention to the UK and its allies.
They are now seeking opportunities to compromise our Critical National Infrastructure.
We have experienced attempted attacks in the past - but these groups operate differently.
Instead of seeking to profit or spy on us, their primary motive is to disrupt or destroy our infrastructure.
These adversaries are ideologically motivated, rather than financially motivated.
Secondly, though these perpetrators are aligned to national actors, crucially, they are often not controlled by those foreign states.
That makes them more opportunistic, and less likely to show restraint.
Together, those factors make the current situation particularly concerning.
And so today I can confirm that the National Cyber Security Centre is issuing an official alert to operators of our critical national infrastructure, to highlight the risk they currently face.
That alert is now live on the NCSCs website - along with a number of recommended actions that operators should follow right now, to increase their resilience and help defend our infrastructure against these attacks.
Disclosing this threat is not something that we do lightly.
This is an unprecedented warning for businesses.
We have never publicly highlighted the threat from these kinds of groups attempting such attacks before.
And I should stress that we do not think that they currently have the capability to cause widespread damage to our infrastructure in the UK.
But we do believe it is necessary at this point in time, if we want companies to understand the current threat they currently face
and to take action to defend themselves and the country against such attacks.
This approach fits with that wider national security strategy.
And last year, when we saw that Russian forces were gathering at the Ukrainian border, we declassified the information to let the world see what they were doing.
Today with cyber threats you will increasingly see us say what we are seeing.
We wont allow these groups to stay in the shadows.
We are shining a light on these threats because we need to work together to strengthen our defences. That means that businesses need to see the threats clearly, too.
And over the last few years we have done lots of things to make it easier for businesses to secure themselves
including issuing world-leading guidance
offering threat assessments underpinned by intelligence
and providing key services like the Early Warning system.
But given the constantly evolving cyber thr