The government intends to take more action to defend the UK against cyber attacks, claims the National Cyber Security Centre (NCSC).
The claim comes in a report published by the National Audit Office (NAO), which slams current government cyber security practices.
Private sector cyber security efforts were previously thought to be adequate for containing internet attacks against UK organisations and users. However, the government is now aware that it needs to do more, according to Ciaran Martin, who was commenting for the first time as the NCSC chief executive.
Martin spoke at the Billington Cyber Security Summit and said:
“If we’re to maintain confidence in the digital economy, we’ve got to tackle this end of the problem. I believe there’s a legitimate role for the government in taking a lead… at least temporarily. This is the thinking behind our strategy.”
Martin said that there was a 100% increase on detection of “national-security-level cyber-incidents” last year compared with 2014, totalling around 200 incidents per month. The NAO found 8,995 breaches among the 17 largest governmental departments in 2014/15.
A report from the NAO, which was released concurrently with Martin’s summit appearance, claimed that the government’s attempt at coordinating security practice remains in a state of confusion, despite the fact that recent information sharing trends are leaning towards increased exposure of sensitive data to cyber attacks.
The NAO pointed out that while the formation of the NCSC should help to centralise the government’s cyber security expertise, there will need to be wider reforms and a simplification of reporting personal breaches to make it easier to collect intelligible data.
The NAO said in its report:
“The Cabinet Office does not currently provide a single set of standards for departments to follow, and does not collate or act upon those weaknesses it identifies.”
The NCSC, to be launched in October, is designed to help coordinate current attempts to protect critical information and government infrastructure, and to engage with both the public and businesses.
The centre derives from a governmental plan announced last November to increase cyber security expenditure to £1.9bn by the year 2020, with headquarters to be based in London.
Martin said that after the more serious threats are prioritised, the centre will look to increase protection of the country’s wider digital set-up, which includes attacks on both individuals and business that, while often being crude, cause considerable damage.
Martin added:
“The great majority of cyber attacks are not terribly sophisticated. They can be defended against. And if they get through their impact can be contained.”
Martin confirmed that the government works with a number of service providers in helping to block abuse from traffic rerouting protocols. These make it possible for systems based in the UK to take part in a denial-of-service attack.
It remains to be seen exactly which moves the government will make in shoring up cyber defence. Creating more cyber security jobs to ensure that the necessary cyber talent exists within central government would be a wise move, as it would with any organisation in the current cyber climate.
Send us your CV and have our recruiters match you to the ideal opportunities
Do you already have an account with us?
Log inWant to have an account with us?
RegisterWant to just send us your CV?
By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.