05.03.18
Keeping London safe
Source: PSE Feb/March 2018
Theo Blackwell, London’s first-ever chief digital officer (CDO), speaks to PSE’s Luana Salles about the role he plays in ensuring the capital remains responsive to the growing and global cyber security threat.
London mayor Sadiq Khan has a bold vision: to make the capital the world’s smartest city, retaining its status as a global tech hub by completely shaking up the way public services are designed and delivered – especially in the digital realm.
To help this ambition along, he took the pioneering step of creating London’s first-ever CDO role – a job which fit like a glove for Theo Blackwell, former cabinet member for finance, technology and growth at Camden Council and the man partly responsible for helping the local authority achieve the enviable status of Digital Council of the Year in 2017. As part of his council job, which he held for 15 years, Blackwell delivered groundbreaking solutions such as the Camden Account, Open Data Camden, and a shared ICT and digital service.
He has also solidified his reputation as a tech connoisseur in the private sector, where he worked as a policy fellow at both GovTech accelerator Public.io and the gaming industry’s trade body Ukie – where he led a campaign calling to put coding back on the curriculum.
His track record in bringing digital solutions to the limelight matched up perfectly with Khan’s vision for the CDO job. Blackwell is expected to play a leading role in developing a new Smart London Plan and building collaboration across all layers of the capital’s boroughs and businesses in order to drive digital transformation.
Naturally, then, in a world increasingly faced with the threat of cyber-attack – a threat the UK has been no stranger to in recent months and years – London’s cyber security infrastructure will play a key part in Blackwell’s overall digital agenda.
In line with central government’s growing prioritisation of cyber security, reflected by the creation of the National Cyber Security Centre (NCSC) and a strategy to match, Khan recently established the London Digital Security Centre (LDSC). As the organisation’s COO writes on page 53, the new centre will support the capital’s vision by helping businesses grow and innovate online in a secure environment.
Speaking to PSE, Blackwell recommended that every business, of every size, “should take advantage of the resources available through the LDSC, which would mean they would have the latest threat warnings and a range of advice at their fingertips.”
“Ultimately, I’d like to see everyone understanding at least the basics about staying safe online – it’s an issue for public services and for citizens,” he explained. “London’s tech community is seen as a world leader in cyber security and resilience, so we should also see this as a growth opportunity.”
The new centre is working closely with City Hall and the NCSC to make this vision happen, as well as to crack down on the core threats to a safe digital landscape. “Collaboration will be key if we are to present a clear and coherent message about the threats to cyber security and the measures that can be taken to guard against them,” Blackwell argued.
“We’re still seeing a lack of knowledge as to what being ‘secure online’ actually means, so that would be a good place to start. Also, there seems to be a disconnect between the risk and the resources which some organisations are prepared to put into safeguarding against it. Security breaches from inside an organisation – whether through malicious intent or simply carelessness – pose a significant threat, along with more technical issues such as unsuitable procedures for backing up data.”
Implementing the strategy
As with every other region – and perhaps even more so than its neighbours – London is moving to implement the government’s five-year national cyber security strategy, first unveiled in November 2016. Its mandate is clear: boost the UK’s resilience by defending the country against evolving threats; deter all forms of cyberspace aggression by taking offensive action; and develop the growing cyber security industry, underpinned by world-class scientific research and a self-sustaining pipeline of talent. No small feat.
Defining his own role in this, Blackwell said: “I’ll be making the case for more resources for cyber security and further engagement from leaders across the public and private sector. On the flipside, fuller engagement with the public will be important, supported by the authorities, to ensure individuals are increasingly clued up about this issue.
“We are taking views on data security as part of our Smart London Plan from January to April, so we’re keen to hear views on how we can provide the best foundations for cyber security here in London.”
A crucial part of laying these foundations will be reflecting his ethos when it comes to digital transformation – being open to innovation and responsive to the technology sector – in the cyber security world, which Blackwell promised he is “absolutely” interested in doing.
“If London is to lead the way in cyber security then the commercial sector has a key role to play, whether it’s sharing information or best practice, all of which will likely benefit them as much as it will benefit Londoners,” he noted.
“The capital is and should remain the world leader in many areas; cyber security is one of those, and should be encouraged and championed.”
Cyber security under GDPR
As we edge closer to the roll-out of the General Data Protection Regulation (GDPR), which will come into force on 25 May, London’s tech sector is also rushing to ensure organisations are clear on how the major upcoming changes will impact them – not just on data-sharing practices, but the cyber security agenda in particular.
“Hopefully, the requirements of – and the penalties for failing to adhere to – the GDPR will encourage businesses to better train their staff, along with allocating enough resources and a better dialogue between business leaders and tech experts,” said Blackwell. “All of this should mean the situation improves as we move forward. But we need to see this as an opportunity to educate and enhance protection, not just a set of regulations to comply with.
“The work of the LDSC in providing advice and information will be key here, across a range of different platforms and media. I would encourage businesses of all sizes and sectors to engage.”
Ever since last year’s worldwide WannaCry attack, which shut down services across the NHS and effectively brought the health service’s IT infrastructure funding to the forefront of political debate, cyber security has become a major hot-button issue across government. A recent report revealed the UK was one of the most targeted regions in the world for cyber threats last year, and NCSC boss Ciaran Martin, who wrote for our last edition, was recently in the media warning that a major attack was a matter of “when, not if.” It’s no wonder, then, that it’s now all hands on deck in the digital sector.
But Blackwell is confident that the job of securing the nation, albeit gargantuan, can be done. “There’s work to do, but I think as time goes on, both the risk and the safeguards are becoming better understood across the city’s businesses,” he concluded.
“Certainly, the threat is going away, and one way or another businesses will become more and more attentive to keeping themselves safe and secure.”
Top Image: heyengel