Government publishes cyber security strategy

gallery

The Cabinet Office has revealed the Government’s nation cyber security strategy, which sets out its plans to strengthen national defences over next four years.

The plans are designed to enhance the Government’s current cyber security capabilities, improve security collaboration with and support for business, and boost the UK’s ability to fend off attacks.

Based around four objectives, the document published today sets out a strategy to make the UK a safer place to do business, while facilitating open access to cyberspace and public data, and building out government cyber security skills and knowledge.

Mark Prisk, Minister for Business and Enterprise, said that, with the UK’s online economy valued at £100 billion a year, cyberspace is vital for the UK’s economic prosperity.

“However as well as bringing opportunities for businesses and their customers, cyberspace also brings threats,” he said. “That’s why it’s important that we help all companies, from big multi-nationals to our small businesses take some simple, practical measures to protect themselves and their customers online.”

The strategy makes much of working more closely with businesses, including small and midsized enterprises (SMEs) to increase knowledge transfer and skills levels, as well as cyber crime reporting.

This will include setting an expectation that at least 25% of the value of Government cyber security contracts go to SMEs, echoing the IT procurement strategy plans announced earlier this week.

A joint public/private sector cyber security ‘hub’ for exchanging cyber threat and response information will begin in pilot this December with five business sectors – defence, telecoms, finance, pharmaceuticals and energy.

Action Fraud, the national fraud reporting and advice centre run by the National Fraud Authority will become the central portal for businesses and the public to make it easier to report financially motivated cyber crime.

The IT industry will receive increased support for security standards and skills, including the development of ‘kitemarks’ for cyber security software. A set of voluntary 'guiding principles' will be agreed with internet service providers (ISPs) and a scheme to certify cyber security specialists will be setup by March 2012.

The Centre for Protection of the National Infrastructure (CNI) will broaden its work with companies to ensure they take the necessary steps to protect key systems and data. It will increase its reach to companies that would not ordinarily be considered part of the critical infrastructure, but collectively they represent andimportant part of our economy, like those that innovate and develop new intellectual property, for example.

It also pledged to establish “centres of excellence in cyber security research and provide investment to plug any gaps” and boost the role of the public resource Get Safe Online by introducing a ‘triage’ system to diagnose cyber security issues and give them direct guidance.

Ross Parsell, director of cyber strategy at Thales e-Security, told IT Pro he had been working personally on the development of the strategy as part of government working groups.

Having been particularly involved in the Get Safe Online development, Parsell said: “This recognises that SMEs play a large part in the prosperity agenda. But where do they go when the screen goes blank? The triage system will help them on how to deal with that and we can help from a large company’s perspective on what information would be useful.”

Email to a friend

Print this page