Five Eyes Warn Deep Tech Start-Ups Against Nation-State Threats
The UK National Cyber Security Agency (NCSC) and National Protective Security Authority (NPSA), a new subdivision of domestic intelligence agency MI5, are launching a new awareness campaign to warn start-ups developing cutting-edge technology against increasing nation-state threats.
The campaign, launched on October 17, 2023, consists of an updated ‘Secure Innovation’ guidance and includes a free Quick Start Guide to help those without extensive security expertise take the first steps to keep their innovations safe.
It also explains practical steps that small and medium-sized businesses (SMBs) and other organizations can take to bolster their protections against the threats posed by other states as well as from criminals and even competitors.
It covers areas including investments, supply chains, travel, IT networks and cloud computing.
It is the first campaign run by NPSA since the agency was created in March 2023.
NCSC CEO Lindy Cameron commented: “The UK has one of the best environments for start-ups working in the field of emerging technology, but we know this can make companies a target for malicious actors. It is vital organizations take state and criminal threats seriously and ensure they are effectively managing the risks, including those emanating from cyberspace.”
The campaign follows a US event hosted on October 17 by the Hoover Institution at Stanford University and the FBI, during which the heads of intelligence agencies of the Five Eyes coalition (Australia, Canada, New Zealand, the UK and the US) warned against nation-states seeking to steal businesses’ intellectual property in order to fast-track their own technological and military capabilities and undermine others’ competitive edge.
Ken McCallum, MI5 director general, explained that the event was organized because the Five Eyes had noticed an increasing threat involving intellectual property theft from nation-state threat actors.
“Across all five of our countries, we are seeing a sharp rise in aggressive attempts by other states to steal competitive advantage. This contest is particularly acute on emerging technologies; states which lead the way in areas like artificial intelligence, quantum computing and synthetic biology will have the power to shape all our futures. We all need to be aware, and respond, before it’s too late,” he said.
Five Eyes agencies also released a set of five principles businesses can adopt to help keep their staff and their information safe and secure.
What Are the Five Principles to Keep Deep Tech Safe?
Here are the five fundamental security principles the Five Eyes think start-ups and spin-outs dealing with sensitive intellectual property should consider:
- Know the threats: understand the way state-backed and hostile actors could try and get hold of your technology
- Secure your environment: create an effective system for security risk management, incorporating risk ownership, identification, assessment, and mitigation
- Secure your products: build security into your products from the start, and actively protect and manage your intellectual assets
- Secure your partnerships: manage the risks that partnerships with investors, suppliers, and collaborators can bring
- Secure your growth: as your company grows, manage the security risks from entering new markets and expanding your workforce
Read more: FBI Warns of Dual Ransomware Attacks and Data Destruction Trends