Start New Discussion within our Hardware and Software Community

Although based in New York, DaniWeb is very much a global community. I'm from England, for example, and our moderator Diafol (who will be well known to anyone who has ever browsed the PHP forum) is a Welshman through and through. I mention this as last week I went on a tour of IT security and military tech companies as the guest of the Welsh Government, who were keen to demonstrate how South Wales in particular has become something of a cyber-security cluster in the UK.

My trip was centred in Cardiff, best known to sci-fi geeks the world over as home to Doctor Who. The BBC has been filming there since the series returned to television in 2005, and the city is also where you can find the Doctor Who Experience exhibition until at least 2017. However, Cardiff is the Welsh capital and also sits at the lively beating heart of an IT Security hub in South Wales. The Welsh Government have made it very clear that the intention is to attract security start-ups and established players alike as part of a broader technology business strategy in the country. This aim can be extended beyond the entrepreneurial basics though; there's a will here to make South Wales one of the most secure places in the world to do business, through the building of cyber security skills and resources.

Cardiff is in the final stages of getting an Internet Exchange, one of only a handful outside of London as far as the UK is concerned, helped by a UK Government pledge of £6.8 million towards the cost. Some of this funding being ring fenced to provide small business with connections to the exchange according to Cllr Phil Bale, Leader of Cardiff Council who says "with this development in digital infrastructure, becoming even more super-connected will enables the Welsh Capital to compete against other financial centres across the world." This is for the not too distant future, whereas I am concerned what's actually happening now in Wales; and that started with a trip to the opening of the new Alert Logic European security operations centre (SOC) and HQ.

Alert Logic is a company which specialises in providing Security-as-a-Service for the cloud, and has a global HQ in Houston. Recognising the demand from a rapidly expanding European customer base, however, it has now also located in Cardiff where the SOC will be staffed by a team of local security and threat intelligence experts. At the official launch, Welsh Government Economy Minister Edwina Hart said: “I am delighted to welcome Alert Logic to Wales and the technology and expertise they bring. The decision to locate their new European headquarters in Central Cardiff Enterprise Zone sends out a strong clear message that the city is a prime location for technology companies and can offer all the essential elements for growth including a high level skills base and infrastructure.” Meanwhile, Cllr Phil Bale also added that he looks forward to working not only with Alert Logic but also to "further develop the city and its wider region as a centre of excellence for cyber security."

Which brings me nicely on to the second stop for the day. Following a comfortable trip in a chauffeur driven Mercedes, I ended up at general Dynamics. Although this kind of sounds like a Doctor Who character, it's actually one of the top five global defence contractors. What were the Welsh Government and such a player in the military research space thinking when they invited me, an old hippy and political activist, behind the closed doors of this sprawling complex? It's OK, I wasn't being shown anything top secret although just by signing the visitors book I had apparently agreed to be bound by the Official Secrets Act. Just as well I didn't sign it then, the PR did. That said, I'm sure nobody will mind me revealing that I was briefed about the SCOUT SV; the world's first fully digitised fighting armoured vehicle. This prototype, being developed for the British Army as part of a new £3.5 billion contract with the Ministry of Defence, features the world's most advanced electronic architecture, all-weather intelligence, surveillance, target acquisition and reconnaissance capabilities along with advanced imaging technology. The prototype highlights a platform which will consist of six variants to be delivered to the British Army between 2017 and 2024 and will serve at the very heart of the Armoured Infantry Brigade.

Most blokes would be happy enough with the big boys toys of armoured vehicles, but to be honest I was happier when we moved away to visit the EDGE UK initiative. Still part of General Dynamics, created to provide a physical and virtual environment to foster collaboration between industry, academia and government. I was taken down into the research and development space where boffins were working on, and more than happy to demonstrate, technologies as diverse as a portable 'overhead projector' touch screen system that can be used on any table-top to replace the kind of battlefield maps you may be used to seeing in a tent during some war film or other. Far more portable than most systems, this provided an interactive display covering a large tabletop which for the purposes of the demo was running a historical intelligence and reconnaissance application. A zoomable map of the area was displayed, and by using the fingertip menus you could highlight a given area and immediately see any 'events' that had happened there from discovery of roadside explosive devices through to actual attacks and so, for example, quickly determine if it was a safe place to park up or not. The whole shebang packed away into what can only be described as a large rucksack. Also at the EDGE complex I saw the latest developments in fire and rescue service communication which integrated all the channels required in the field into a secure and simple to use 'app driven' system. All in all, very impressive indeed.

Next on the whistle-stop tour after another drive through the Welsh landscape as the University of South Wales. More specifically a trip to chat with Professor Andrew Blyth, Director of the Information Security Research Group there. Enthusiastic, highly knowledgeable and positively infectious when it comes to talking about cyber security, Prof. Blyth probably knows more about data forensics than anyone I've met. Believe me, having spent 20 years as a journalist specialising in IT security that's saying quite something. And talking of saying something, Prof. Blyth certainly did; from recounting how his lab had already been the first in the UK to forensically restore data from an original iPhone within days of its launch through to more recently being the first to do the same with an Xbox 360 and even extracting evidential data from a washing machine. With the relentless advancement of the Internet of Things, the kind of work being done by Prof. Blyth and the skills being absorbed by his graduate students, are likely to become increasingly important. Skills such as determining how to restore data which has been encrypted under iOS8, for example, or probably the research which fascinated me most - data retrieval from data CD fragments. Apparently the smashing of a data CD while police are forcing entry is a known tactic of the paedophile amongst others, as retrieving that data in any usable way for evidence is all but impossible. Prof. Blyth showed me how he can, using some very expensive imaging equipment costing hundreds of thousands of UK pounds, see the magnetic data on the grooves of a CD fragment no bigger than 10mm. In fact, he told me that he could actually see these magnetic 'bumps' representing data on fragments as small as a single micron but then what he saw would only be a 1 or a 0 and of no use in piecing together a picture of the data that was destroyed.

The highlight of day two of the trip was a visit to nearby Swansea, birthplace of the poet Dylan Thomas and home to SureView Systems which is a worldwide leader in what you may call 'situational awareness products' or 'Physical Security Information Management (PSIM)' systems. I call it CCTV control, although that's something of an understatement to be fair. The Immix Cloud system I saw was actually very clever indeed, managing to consolidate and integrate video, access control, audio and alarm systems into a single point of management and control. It's a web based system, offering an open architecture that comes rather importantly with the largest integration library in the business so that no what security product from whichever vendor was being used, or combination of them, they can all be managed from the one central interface. And what a clever interface it was, whether accessed through the web browser or via an iOS or Android app. The main takeaways were real time push of critical event information such as unauthorised access, door openings, alarms etc and evidential audit logging which can be used in court should the need arise.

I have never thought of CCTV as being exciting, but this stuff was like being in the control room of a sci-fi movie; yet this was a very real, out in the field, critical situational awareness solution in action. Mind you, not being a Doctor Who fan myself (so sue me) I've never thought of South Wales as being particularly exciting until now. Having arrived back in my office in the heart of West Yorkshire, I can hardly wait until I return to Wales to see where the technology is heading next...

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

The article starter has earned a lot of community kudos, and such articles offer a bounty for quality replies.