 Good afternoon everybody and welcome to this afternoon's IEA presentation, our lunchtime presentation. We've a very special one this afternoon with Lindy Cameron, CEO of the NCSC in the UK. My name is Richard Brown and I'll be your chair for the afternoon. Before we begin, a few very quick notes on context. This meeting and the questions and answers session afterwards is very much on the record and is being recorded. Any questions that people might have for the Q&A after the afternoon this presentation should be submitted via the Q&A function on Zoom. Please also announce your affiliation and your identity as well, please. If anybody is a social media user, you can tweet about the event at IEA. And obviously also the timeline of this, we are finished at 1.45 exactly. So Lindy will speak for however long, 20 minutes or thereabouts and we'll take questions immediately thereafter. The second thing to keep in mind and all of this is that this is obviously a highly pertinent, highly sensitive issue and there's going to be elements here that not everybody could talk about any great detail. So the questions will obviously have to reflect that as well I'm sure. Lindy's presentation is on building resilience and prosperity with cybersecurity. She joins the NTSC in the UK last year after a career in various different parts of the UK government including DFID and the Northern Ireland office, which comes to us with an unusual and diverse background in the cybersecurity field. Lindy, please go ahead. Great Richard, thank you very much indeed and it's a real honour to be here today. As a dairy girl I would absolutely love to be with you in person and Dublin, but it's a real pleasure to be speaking here in Ireland even if only virtually. In fact I'm actually joining you today from my home because this week I was told to self isolate for the UK NHS Test and Trace app which is a different type of virus the one we normally deal with an NTSC but fortunately what I'm fully vaccinated against so hopefully just a precaution. So firstly I'd like to thank the Institute of International and European Affairs for the work they do and huge congratulations to you on celebrating your 30th anniversary this year. I'm really proud to be here as the second head I should say actually the second Northern Irish head as well of the National Cyber Security Centre which after only five years plays a key role in the UK's national security. It's creation in 2016 showed real foresight and is widely recognised as an example that others want to emulate a partnership of government law enforcement intelligence in the private sector. We've dealt with over 2000 significant incidents, we've protected the UK at scale through active cyber defence taking down more than 700,000 online scams in the last year alone, 80,000 of which were new tip-offs from the British public through the hugely successful suspicious email reporting service. These resilience in all sectors of our critical national infrastructure built coalitions with businesses, charities and education to develop accessible and actionable cyber security tools and advice and over 55,000 teenagers have participated in the cyber first girls competition and our cyber security courses. We've made the internet safer and easier to use for our citizens through our cyberware campaign challenging password culture and victim blaming. Our security is of course a team sport and the UK and Ireland share an important partnership that will help us both to stay as secure as possible online. It's a relationship built in shared goals. This close alliance helps to prevent many attacks from ever happening. And when they are successful, it also improves our shared response to an incident. We're committed to sharing threat assessments and operational lessons from instance, and that shared understanding benefits our countries and their citizens. There's much to praise from the successes in Ireland. We take inspiration from the work you've done to transform Ireland into a digital hub with Dublin's fantastic Silicon Docs, serving as a central nerve center. Thanks to support from the Irish government, the tech startup ecosystem in Ireland is booming. It's a passion we share through the NCSC for the startups initiative, which we're providing support for startups through. That's includes included something called Trust Elevate, a company led by an Irish CEO, looking to make the internet a safer place for children, and one called Angoka and Northern Ireland based firms specializing in securing smart city technology. You've supported the tech industry here in Ireland through the coronavirus pandemic through Irish government grants and loans for large and small businesses. And global tech companies such as Twitter, Facebook and Google have the offices in Dublin. I know Ireland is currently ranked just outside the top 10 of Forbes best countries for business. Of course, Ireland has one of the highest concentrations of cloud data centers in Europe, including the Amazon Web Services data center in Dublin, which allows companies to deliver results faster and more reliably by having access to hundreds of thousands of servers in minutes. So there are multiple examples of shared cyber interests between Ireland and the UK. Indeed, Ireland was one of the very few countries specifically referenced in the UK government's recent integrated review of security, defense, development and foreign policy. This committed to a strong bilateral partnership and a further deepen our relationship through increasing connectivity, clean growth and international cooperation and more on that later. Our links with Ireland's NCSC specifically are growing and we very much welcome the recently established critical national infrastructure cyber cooperation working group, whose normal meeting in March was hosted by NCSC Ireland. In this we're sharing our understanding of the threat incident management support processes and methodologies for identifying CNI dependencies, including critical cross border dependencies. And given those critical dependencies in many CNI sectors, there is a particular crossover in the threats we need to look at facing both Northern Ireland and Ireland. So for example, energy security from Northern Ireland is based on gas pipelines and electrical interconnectors to both quit Britain and across the border, including the single electricity market. The energy sector is dependent on operational technology connected systems that monitor and control automated industrial processes to function effectively and efficiently. And those systems mean it's a realistic possibility that this reliance on operational technology and the interconnected nature of the energy supply network on the island of Ireland, combine to make a more complex potential target for cyber attacks. On transport, Northern Ireland's rail link across the border between Belfast and Dublin is jointly operated by Northern Ireland Railways and Irish Rail. These cross border transport links again increase the potential for cyber attacks including ransomware to affect both countries. We all know cybersecurity does not respect borders, which is why a great cybersecurity relationship between the UK and Ireland is so important to combat our shared threats. And there are several established capable states that seek to do both of our nations harm through cyber attacks. In the telecom sector, state actors almost certainly pose the greatest cyber threat. The telecom sector is an attractive target, both as an enabler of espionage in other sectors, and as a target for customer and communications data. Some managed service providers that operate in Northern Ireland provide services in both sides of the order. And it's there for a realistic possibility that a cyber attack on a telecoms provider could impact services to both of our countries. The governments of both the UK and Ireland have been clear that they will not tolerate malicious cyber activity and that we have and will publicly call out state level attacks. State sponsored cyber activity represents one of the most malicious strategic threats to the national interests of both the UK and Ireland. It's hugely important. Tracking and defending the UK from our most sophisticated adversaries represents much of NCSC's core business, usually working to support victims behind the scenes. Because state threats are a reality in cyberspace for nation states, China, Russia, North Korea and Iran have been a constant presence in recent years. As I've said before, we face a determined and aggressive Russia seeking traditional political advantage by new and high tech means. We live in a business and corporate environment where Chinese cyber attacks on our commercial interests are something that our companies treat as business as usual. And authoritarian regimes including both North Korea and Iran use digital technology to sabotage and to steal. However, there is currently no threat more prescient than ransomware malicious software that can make data or systems unusable until the victim makes a payment. And of course, you and I wouldn't know this all too well. As you're very well aware on May the 14th, the Irish health executive suffered a ransomware attack that caused extensive disruption to Irish hospitals and patients. And indeed some stolen patient data was published online. The government was quite rightly clear that even by criminal standards this had crossed a line. And I would like to praise the Irish response not to pay the ransom cyber criminals are out to make money. The more times a method is successful, the more times it will be used. And payment of ransoms is no guarantee that you will get your data back. And certainly no guarantee you won't be attacked again. In fact, advertising a willingness to pay makes someone a more interesting prospect. So it's important that we do all we can to ensure that this is not a criminal model that yields returns. The government's strong action of refusing to pay will likely deter ransomware operators from further attacks on health sector organizations both in Ireland and elsewhere. Understandably, the initial reaction was concerned over possible impact on the COVID response. A fear came through clear and definitive reassurance that vaccines would not be affected. Coverage of course then shifted to how other services were compromised, such as urgent hospital appointments and surgeries. Sadly, there were real world examples of patients and families facing real world consequences to this despicable attack. The attack also had an impact on Northern Ireland. It affected Northern Ireland's ability to access data held by HSE for some cross-border patient services. Thankfully, the Northern Ireland Business Services Organization, which provides IT to the NIH health sector, was able to stand up its business continuity processes to support. Of course, in the UK, we as the NCSC led the response to a similar incident in 2017 when the WannaCry ransomware attack impacted 48 of the UK's National Health Service Trusts. So as you would expect from a close partner, we did all we could to support our partners in Ireland when the HSE attack took place. This included sharing as much relevant information as we could, both from a cybercrime and a law enforcement perspective. So what can we say about this incident at this stage? The activity almost certainly originated from cybercriminals. The activity has almost certainly caused disruption to hospitals and endangered patient care. And we know that cybercriminals likely voluntarily handed over the encryption key several days after the attack. We see this as a public relations move to lessen criticism. Soon more broadly, ransomware also continues to represent the most likely disruptive threat to the health sector worldwide. Although cybercriminals promised not to target the health sector during the COVID-19 pandemic, ransomware attacks have proliferated and are increasingly causing disruption to clinical services and patient care. The victims of the ransomware attack in Ireland were ordinary citizens such as cancer patients whose radiotherapy appointments were postponed. A ransomware attack in New Zealand also impacted clinical services in several New Zealand hospitals. So ransomware is the most insidious cybersecurity risk, not the threat from but the threat to, not the loss of data but the impact on operations large and small that stops people in businesses from being able to live their day to day lives. The sheer volume makes it the most impactful threat we face. We've seen it affect the NHS in the UK with WannaCry. We've also seen it prevent students access classes just in the last few weeks. We've seen it shut down local authorities at great cost to the public purse, meaning that the public can't access services, pay their bills or in some cases even buy a house. And the ransomware ecosystem is evolving through what we call ransomware as a service and the app as a service business model, where ransomware variants and commodity listings such as lists of credentials are available off the shelf for a one-off payment or share of the profits. Users buy from developers without the costs and risks of developing it themselves, and that enables actors who are less experienced in ransomware to acquire the tools to conduct their own attacks. High-end crime groups will spend time conducting in-depth reconnaissance on their targeted victims. They will identify your cyber security weaknesses so that they can exploit them. They will use spoofing and spearfishing to masquerade as internal employees to get access to all of the networks they need. They'll look for the business critical files to encrypt and hold hostage. They might identify embarrassing or business sensitive material that they can threaten to leak or sell to others. And they may even research your cyber insurance policy to see if you're covered to pay ransoms. This process can be painstaking and lengthy, but it means that when they're ready to deploy the effective ransomware in an unprepared business is brutal. Everything is taken out. Files are encrypted. Servers go down. Digital phone lines no longer function. Everything comes to a halt and your business stops in its tracks. But it doesn't stop there because over the last year or so these cyber crime groups have evolved their techniques to include data extortion. So even if you have rightly got offline backups and you can get back on your feet without paying a ransom, the group will threaten to leak the data they've stolen. This can make all your business information, your personal sensitive data, your otherwise embarrassing content available online for all to see. So this is neither double whammy of ransomware. So even if you have good data storage in place, they can still try and hold you to ransom. In some respects, the response to ransomware is really straightforward. We need to continue to build cyber resilience so that attacks cannot reach their targets in the first place. We as the NCSC have great advice on how to do this with our 10 steps to cybersecurity and we've made huge strides across a range of sectors. I know that NCSC Ireland does the same to help improve understanding of the cyber threat in particular through publishing alerts and advisories that may affect Ireland. But in many other respects, it also requires a whole of government response. This starts with the efforts to prevent the activities of the groups behind these damaging attacks. They don't exist in a vacuum. They're often enabled and facilitated by states acting with impunity. International and diplomatic efforts need to be coordinated to stop them. So a coordinated response in ransomware involving these key players would have the added benefit of helping us to meet broader national and strategic international objectives, making all of us a more resilient and prosperous place to live and do business online. And it's also key because we're at an inflection point in global technology. So it's imperative that we recognize this and act accordingly. Jeremy Fleming, who is director of the UK Signals Intelligence Organization GCHQ recently described a moment of reckoning where unless the white action is taken, key technologies we all rely on will no longer be shaped or controlled by like minded democracies. And proliferation could also create unforeseen risks. There are firms that sell high end state like capabilities to exploit computer networks. But then at the other end of the spectrum, you can buy relatively cheap sim boxes that can send thousands of cyber crime texts in an hour. So such threats pose a risk to people all over the world. Therefore, alliances are vital. And we like others must work with partners on a global stage. For us, this includes collaboration between all four nations of the UK sharing information with global partners and starting with our closest neighbors here in Ireland. Our integrated review underlined the importance of the UK as a responsible global cyber power that works with its allies to actively shape the international order of the future. It also demonstrated what responsible behavior for a cyber power looks like. This is not a model just to benefit UK citizens, but to benefit people all over the world, and show there is a reasonable expectation that no one is left behind. We see our international cyber engagement as vital to delivering a cyberspace that is free, open, peaceful and secure, and where the multi stakeholder model is reinforced. A global market in which new technologies are secure and resilient from the outset. We see a global operating environment in which our adversaries are unable to act adversely and without impunity or cost being opposed against them and strengthened international partnerships and coalition that act in concert against mutual threats. The UK can't do this alone with our allies and close partners across the world we will take collective action against the threat and work to a shared vision of the future. So we warmly welcome Ireland's presence on the UN Security Council and look forward to working together on our shared foreign policy priorities. Ireland will assume the Security Council presidency in September of course, and we have every confidence that you will lead with a commitment to peacekeeping and climate security in line with both the Taoiseach and our own Prime Minister's priorities. Because states have an important role in agreeing what behavior is acceptable by working as a global community, we can clarify and develop rules that are right for digital age. The UN government group of experts in cyberspace has built on the clear global appetite for progress captured in the consensus report by the open ended working group earlier this year. The document offers substantive text and attribution, as well as landmark references to international humanitarian law, both very important firsts. The ambition set out in the UK's integrated review guided our position during these negotiations. And we set out our position on how international law applies to state behavior in cyberspace. We look forward to continuing to work globally on these important governance issues, including the implementation of rules and norms. An important part of how we make the UK a safer place to live and work online is through our international reach and support. The global nature of the cyber threat means our international partnerships are critical to countering and deterring malicious cyber actors who want to cause harm to the UK. But that goes beyond responding to the threat. UK's international engagement is also about responding to competing visions of cyberspace, asserting democratic norms and values and the technologies and standards that affect the UK cyber security and addressing the vulnerabilities of global supply chains. We have strong bilateral relationships with a number of other European partners as continued membership of a number of multilateral groupings that are vital to information sharing an instant response. The European government's search so the computer emergency response teams remains the forum in which cooperation and cyber instance is most mature. And Etsy, the European Telecommunications Standards Institute, is of course the recognized regional standards body for telecommunications and other networks and services. As the UK sought to leave the EU, both the UK and the EU recognized that as a shared threat, continued cooperation on cyber security issues would always be in both sides best interests. This understanding was recognized in the trade and cooperation agreement signed at the end of 2020. The agreement included provisions to create a formal dialogue in order to exchange information about relevant policy developments, including in relation to international security, the security of emerging technologies, internet governance cyber security cyber defense and cyber crime. It also included provisions to cooperate with 30 you and cyber instance, something we've always done and we continue to do, including on the most recent solar winds incident before Christmas. The provisions allowed participation in specific activities of the Ms cooperation group, an important policy development group in which the UK has played a significant role, including on the cybersecurity elections and 5G. And to build a third party relationship with Anissa, the European Union Agency for cybersecurity, the EU cybersecurity agency and again an organization with which the UK has enjoyed a long and close relationship. Work and implementing the trade and cooperation agreement is ongoing and we hope it will mean that the UK and the EU can continue to cooperate in the spirit that both sides desire. So finally I look to the future. Cyber security is a rapidly moving world. And we can't confirm what the threats of the future be, but we can move to put all of us in the best place possible to defend from them. We are doing a lot of work on creating a culture in the UK where cybersecurity can thrive. And Northern Ireland is a great example of this where the NCSCs flagship conference of cyber UK will be held in 2023. Like Dublin, Belfast is a leading technical hub with a thriving ecosystem, including being home to Queens University, which is recognized by us and NCSC as one of the UK's academic centres of excellence in both cybersecurity research and education. Queens also hosts the Research Institute in secure hardware and embedded systems, providing a global focus and working with leading international partners and manufacturers to accelerate research and innovation and translate that into new and more secure and resilient products and services joining up the research to the manufacturing. And of course, innovation stretches well beyond Belfast and particularly to the border areas, including in the Northwest region, where there are ambitious plans for growth. As you know, in February, the UK government announced a 250 million pound investment that will boost the economic potential of the Northwest and support a more prosperous in the United Community. This included the creation of the new Centre for Industrial Digitalization, Robotics and Automation, which will support the exploration technologies innovation. And the quality of analytics research laboratory, which will bring together AI expertise and data analytics to help future innovation thrive. So coupled with the UK government support, there's a real opportunity for Northern Ireland to achieve its full economic potential through this through these means. The Northern Ireland cyber security cluster which NCSC supports employs more than 1700 professionals and promotes international business, innovation and collaboration. And the Northern Ireland government fully supports the UK national cyber security strategy and has developed its own cyber security strategy under the three pillars of defend deter and develop. A key part of their strategy is the establishment of the Northern Ireland cyber security centre launched in February 2020. That centre is now one of our key partners in Northern Ireland and a key amplification route for NCSC messaging, promoting and promoting and raising awareness of the threat and for our products and services across all sectors in Northern Ireland. Of course, another big part of the challenge to creating a safer cyber future is empowering the next generation of experts. We in NCSC run a wide range of cyber first courses aimed at children and young people of all ages to spark and develop their knowledge, but with the significant gender discrepancy in the cyber security workforce we particularly focus on girls. So I was really proud to see pupils from our Lady and St Patrick's College in Belfast in the top 10 teams nationally in a competition of 6500 girls to find the most cyber savvy young girls in the UK. We also have five cyber first schools or colleges in Northern Ireland, meaning they're recognized as sharing our aim of encouraging young people to engage with computer science and the application of cyber security and everyday technology. Because of the commitment to the interest and threats we share with partners, we in the UK need to create a new national cyber strategy that protects ourselves and our allies. As I said, an attack on our critical national infrastructure could impact an Ireland and we're committed to making that as hard a target as possible for those who would seek to disrupt it. We need to ensure that data generated and processed by the internet services that we use every day are properly protected and our privacy appropriately managed. The creative technology that we envisaged in our integrated review must be protected from theft by state actors. We need to ensure that the next generation of commodity technology doesn't repeat the security mistakes of the past. We need to ensure that our adversaries, be they state or criminal, traditional or new, think twice before attacking the UK or its allies. So in conclusion, there is a clear correlation between the cyber security of the UK and Ireland, and one that presents us opportunities to be collectively stronger by working together. While our shared infrastructure goals and threats are a source of great strength, there are also potential vulnerabilities that mean we have a responsibility to each other. If either of us is a weakness that is exploited, the impact can and likely will be felt by the other nation, which is why it's so positive that we share such a strong relationship and an alliance that makes us stronger than the sum of our parts. We look forward to continuing to work and learn from our inspirational partners here in Ireland and to help move both of our nations to a future where we can all continue to make the most of the fantastic opportunities offered to us in the digital age. Thank you and back to you Richard.