IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Industry weighs up GCHQ cyber protection plans

Security market watchers cast a critical eye over Government plans to protect businesses from cyber crime.

Government

Industry watchers have cautiously welcomed plans to get GCHQ to advise private sector firms on how to protect themselves from cyber attacks.

According to a report in the Guardian newspaper, the government surveillance agency will provide the bosses of some of Britain's biggest firms with advice on protecting their online services from cyber criminals.

"GCHQ now sees real and credible threats to cybersecurity of an unprecedented scale, diversity, and complexity", said GCHQ director Ian Lobban.

The Guardian report cites figures from a new GCHQ publication, Executive Companion - 10 Steps to Cyber-Security, which claims that "thousands" of IT systems are compromised by hackers for commercial reasons every day, jeopardising Britain's economic security.

The government can't just give advice it needs to give practical help.

News of the initiative won the support of a slew of security industry watchers, although some have aired concerns over how effective GCHQ's attempts to educate businesses will be.

Rob Cotton, chief executive of information security specialist NCC Group, said GCHQ should provide training and support for businesses, not just advice on avoiding cyber threats.

"The government can't just give advice it needs to give practical help [in the form of] training for employees to reduce the social engineering risk, grants for businesses in need to bolster their security, and mandatory transparency to reduce the stigma of suffering a breach," said Cotton.

Orlando Scott-Cowley, security technologist at cloud-based email archiving vendor Mimecast, said GCHQ should also widen its remit to include a wider range of firms.

"There has always been a threat of cyber-attacks [against] UK businesses, but while it used to be the case that only high value organisations like banks or those dealing in intellectual property were at risk, today all businesses face this threat," he said.

"Being security-conscious' is the job of all companies, their management and their staff."

Mark Brown, director of information security at advisory firm Ernst & Young, added: "This is an appropriate short term solution, [but] the longer term cure for this problem surely involves re-evaluating the skills and knowledge gap in industry rather than government intervention."

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Recommended

UK and US pledge to punish cyber criminals at annual meeting
cyber security

UK and US pledge to punish cyber criminals at annual meeting

19 Nov 2021

Most Popular

Salaries for the least popular programming languages surge as much as 44%
Development

Salaries for the least popular programming languages surge as much as 44%

23 Jun 2022
Attracting and retaining talent through training
Sponsored

Attracting and retaining talent through training

13 Jun 2022
The top programming languages you need to learn for 2022
Careers & training

The top programming languages you need to learn for 2022

23 Jun 2022