Industry weighs up GCHQ cyber protection plans
Security market watchers cast a critical eye over Government plans to protect businesses from cyber crime.
Industry watchers have cautiously welcomed plans to get GCHQ to advise private sector firms on how to protect themselves from cyber attacks.
According to a report in the Guardian newspaper, the government surveillance agency will provide the bosses of some of Britain's biggest firms with advice on protecting their online services from cyber criminals.
"GCHQ now sees real and credible threats to cybersecurity of an unprecedented scale, diversity, and complexity", said GCHQ director Ian Lobban.
The Guardian report cites figures from a new GCHQ publication, Executive Companion - 10 Steps to Cyber-Security, which claims that "thousands" of IT systems are compromised by hackers for commercial reasons every day, jeopardising Britain's economic security.
The government can't just give advice it needs to give practical help.
News of the initiative won the support of a slew of security industry watchers, although some have aired concerns over how effective GCHQ's attempts to educate businesses will be.
Rob Cotton, chief executive of information security specialist NCC Group, said GCHQ should provide training and support for businesses, not just advice on avoiding cyber threats.
"The government can't just give advice it needs to give practical help [in the form of] training for employees to reduce the social engineering risk, grants for businesses in need to bolster their security, and mandatory transparency to reduce the stigma of suffering a breach," said Cotton.
Orlando Scott-Cowley, security technologist at cloud-based email archiving vendor Mimecast, said GCHQ should also widen its remit to include a wider range of firms.
"There has always been a threat of cyber-attacks [against] UK businesses, but while it used to be the case that only high value organisations like banks or those dealing in intellectual property were at risk, today all businesses face this threat," he said.
"Being security-conscious' is the job of all companies, their management and their staff."
Mark Brown, director of information security at advisory firm Ernst & Young, added: "This is an appropriate short term solution, [but] the longer term cure for this problem surely involves re-evaluating the skills and knowledge gap in industry rather than government intervention."
The case for a marketing content hub
Transform your digital marketing to deliver customer expectationsDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Why CEOS should care about the move to SAP S/4HANA
And how they can accelerate business valueDownload now
IT faces new security challenges in the wake of COVID-19
Beat the crisis by learning how to secure your networkDownload now