View our on-demand webinar to find out more
As cyber-espionage, state-sponsored attacks. impersonation and identity-based attacks powered by AI and deepfake technology become mainstream, so details of sensitive communications – typical of defence projects, consortium-based bids and amongst supply chain partners – are at severe risk of compromise. Attacks may come from a range of actors including hostile nation states, repressive regimes and terrorist groups, corrupt competitors willing to pay for illicitly-gotten information and disgruntled (ex-) employees.
Add to this the latest revelations by Computer Weekly, that Microsoft has admitted that it cannot guarantee the sovereignty of UK data hosted on its hyperscale public cloud infrastructure. This is particularly worrying for government departments, military and defence organisations, as well as the wider public sector.
Recently the BBC reported that Germany admitted to a hack by Russia of a military meeting where officers discussed giving Ukraine long-range missiles, and their possible targets. https://www.bbc.co.uk/news/world-europe-68457087
By not using a secure communications platform designed specifically to protect sensitive conversations, people are making it easier for adversaries than it should be.
Any organisation that collaborates with others and shares commercially sensitive information needs to take robust action to secure their internal, external and supply chain communications to avoid becoming victims of malicious attacks. Organisations delivering mission-critical capabilities to our armed forces also need to consider the operational impact of any data breach on UK miliary personnel, as well as any financial loss or embarrassing reputational damage. The resulting loss of contracts and commercial/brand value is even more critical for those working in the defence and government contractor sectors.
How can consortiums communicate securely?
Consortiums working together on major programmes such as critical national infrastructure, defence projects, and other multi-company, international undertakings need to be able to communicate securely.
Projects that involve highly sensitive information that must be shared securely amongst participants from different organisations, potentially spanning the globe, such as FCAS and GCAP members, pose a particularly tough security challenge, so what is the answer?
Three key problem areas
When looking at how to communicate securely with colleagues in external partner organisations there are three key considerations. These are:
- IT systems that are designed to keep people out and data in – how do you open them up to trusted colleagues and consortium partners securely when they are supposed to be locked down?
- Managing data with different classifications – when you can’t use the same communications app. Which app should people use?
- Impersonation-based attacks – AI generated deepfakes are highly believable now – how can you be sure that you are communicating with who you think you are, and not an impostor?
Mass-adoption applications are NOT secure enough
Mass-adoption communication applications offer ubiquitous ease of use, but they have not been designed for use in markets that require higher levels of security to protect the type of data shared by defence contractor consortiums and bid groups.
On top of this, well-funded and highly capable adversaries are constantly looking for ways to attack such solutions and exploit the information gained as a result. Using products not specifically designed to address the complex needs of high assurance organisations introduces unnecessary risk to all organisations within the supply chain, the consortium, and their customers. A Secure Communications Platform
A standalone, independently or in-house hosted secure communications platform that is as engaging and easy to use as a consumer-grade app can ensure that employees have a solution that keeps data secure, while providing the capability to communicate effectively. Such platforms deliver:
- Data protection using UK Government and NATO approved tools, Secure by Design/Secure by Default
- One easy-to-implement solution that enables multi-domain integration of communications amongst consortium members
- Instant, remote and mobile secure collaboration
- Time saved by reducing unnecessary commutes to secure meeting venues
Our on-demand webinar: Sharing secrets amongst friends – How to securely collaborate with bid partners, provides some of the answers to sharing extremely sensitive information with bid and consortium partners securely, with:
- Standards-based, certified secure communications platforms
- Federated secure communications
- Identity-based encryption and authentication
Watch here: LINK
