Defence, aerospace, and security giant BAE has announced the creation of The Intelligence Network, an initiative to “engage, unite, and activate a global community of security professionals and industry influencers in their fight against cybercrime.”
Its founding members include Andrzej Kawalec of Vodafone, Jonathan Luff of CyLon, and James Sulivan of RUSI, who have all contributed to a manifesto that sets out the reasons for founding the organisation.
The document was created in consultation with cybersecurity professionals in the UK and US, across business, government and society, and highlights the need for a more collaborative approach to rising security risks.
Julian Cracknell, managing director of BAE Systems Applied Intelligence, said, “It’s time to move on from the age of secrecy,” adding, “to meet the challenges of our highly-connected world, we have to stop giving cybersecurity the silent treatment.
Our instinctive response each time we’re threatened is to contain it and hope that no one ever finds out. But how well is that serving us?,” he continued.
“We live in a world where increasingly people share first, and think later. It’s an attitude that poses more than a few challenges. But what if a more open approach to sharing information could also help us to create a safer online environment for everyone?”
A global cybersecurity collaboration
The Intelligence Network aims to address global cybersecurity issues, caused in part by the buying power of the world’s largest corporates driving fragmentation and complexity, alongside increasingly digital workflows.
“When discussing the cybersecurity landscape with our customers, partners, and employees, there seems to be a groundswell of support to work together more closely for the greater good,” says the document. “The Intelligence Network is an initiative which we hope will unite a community of like-minded global security professionals and industry influencers who share our vision.
“Through this manifesto, we are setting out the ambitions of The Intelligence Network and establishing a framework for creating a safer society by 2025.”
The manifesto
The organisation’s manifesto is focused on three distinct areas of transformation: collaboration, simplicity, and certainty. It aims to achieve the following by 2025:
- The sharing of intelligence, understanding, approaches, technology, and resources to ensure co-ordinated action in response to new threats.
- Transparent security so that organisations and individuals can see what they do, and do not, have in place, where gaps exist, and what their implications are.
- Aggregated, verified information provided to appropriate law enforcement and government organisations.
- Technology to be secure by default – both on purchase and through its life – and maintained through automatic updates that don’t overload the memory or workload of individuals.
- Security to be available as an affordable utility for those that need it.
- Security to be managed through standard corporate risk management structures in the same way as health and safety.
Changing mindsets
Cracknell issued an open call to organisations who wish to participate in The Intelligence Network:
Through the work of The Intelligence Network, we want to kickstart conversations about the future of cyber defence. Today, we are inviting organisations to join us. It is open to all, free to join, and encourages active participation at all levels.”
Jonathon Luff, co-founder of CyLon, said, “Cyber criminals use creativity and collaboration to operate at the cutting edge of technology. From a cyber defence perspective, we need to be doing the same. We need to rethink models of collaboration; small businesses and large enterprises must work hand in hand, and we must start to place greater emphasis on the sharing of information, rather than the attribution of blame.
“With the creation of The Intelligence Network, we should start to see a culture of openness that challenges and changes mindsets and patterns of behaviours, as well as policy and legislation. I’m excited by what this community can do – and the impact we can have.”
Internet of Business says
BAE Systems is best known as one of the world’s largest defence and aerospace companies, and as Britain’s biggest manufacturer. But it is also a supplier of cyber, intelligence, and security capabilities for government customers, and increasingly, also to commercial ones.
Its offerings include email security, managed security services, fraud detection and prevention, and other services.
Despite its cybersecurity pedigree, a top-secret defence company may seem to be an unlikely, though welcome, source for a call for greater collaboration in the sector. That it has chosen to take this position has come from an awareness of who and what organisations are facing, and a need to emulate their opponents’ agility and creative thinking.
Government agencies regularly share intelligence for mutual benefit, to protect against security risks and build alliances. BAE is taking its learnings from the defence world, and the more dynamic approach of cyber criminals themselves, and repurposing them to help organisations guard against cyber attacks.
Terrorist and criminal networks can now reach across the globe, with distance posing no obstacle to hackers. Given that warfare and espionage are becoming increasingly digital activities (BAE is currently developing cyber defence capabilities for military aircraft), it makes sense for BAE, and other members of The Intelligence Network, to apply their expertise to the civilian world.
Its work in sensitive and sometimes controversial defence projects means that BAE Systems has more to lose than most, if subjected to a successful cyber attack. In 2012, the company was reported to have been the target of Chinese cyber espionage techniques, which may have led to secrets relating to the Lockheed Martin F-35 Lightning II fighter jet being stolen.
With Saudi Arabia being BAE’s third largest market, and with past involvement in the manufacture of nuclear warheads and cluster bombs, other potential hackers could have political motivations.
As a potential victim of cyber attacks itself, as a manufacturer of systems that may face similar attack, and as an expert in the cybersecurity field, the company should be a capable leader of The Intelligence Network.