IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
In-depth

Critical national infrastructure: the Government warns business again

Could cyber crime be even more damaging than floods to the country's key industries? A Government summit suggests they might.

Storm warning

Inside the Enterprise: As waves and wind lashed the south west of England, the Government convened its COBRA emergency committee to organise a response this week. But elsewhere in Whitehall, another group of senior officials met to discuss another, potential, disaster: a cyber attack on the UK's national infrastructure.

The summit, hosted by Business Secretary Vince Cable, and the director general of GCHQ, Sir Ian Lobban, brought together the industry regulators for telecoms, energy, water and nuclear power, the Civil Aviation Authority, and the Bank of England.

The regulators were briefed on what ministers, and the security services, believe is a growing threat not just to government bodies, but commercial firms too.

A well-targeted cyber attack could cripple the UK's banking, finance and utility sectors or, at the very least, cause a lot of public inconvenience. The fact that, in critical infrastructure, private firms and government are so closely intertwined means that the failure of a commercial company due to an online attack has an impact far beyond its own shareholders.

This is not the first time that the Government has warned business about the cyber threat, and its role in combatting it. But it is the first time that regulators have been brought in to discuss cyber risks.

The regulators are, of course, responsible for maintaining supply, as well as areas such as competition and pricing. And they do have powers to require the companies they regulate to up their game, when it comes to protecting their networks. And that includes the cyber threat.

GCHQ will be encouraging businesses in the critical infrastructure sector to follow its 10 Steps to Cyber Security, which was issued last year. But GCHQ and government security advisers also want commercial firms to share more information about threats, and how they tackle them, as well as to carry out more cyberdefence exercises.

The financial services sector has recently carried out a number of such tests, led by the Bank of England.

A Cyber Task Force, led by the Cabinet Office and the ICAEW, the chartered accountants' body, recently issued separate guidance for organisastions involved in corporate finance transactions, on how they could improve their information security, and so maintain the City of London's reputation as a safe place to do business. The Government has also contacted the heads of UK listed companies, to give them advice on cybercrime protection.

But the real concern among ministers and, it is easy to suspect, the specialists at GCHQ, is around Government-led or government-backed attacks on the UK. This is where critical national infrastructure comes into play.

An attack on an investment bank or a law firm would be an embarrassment, and a nuisance for its clients. An attack that turned off the water pumps, or the ATMs, could lead to chaos. Security specialists have long worried that commercial firms represent a soft target.

That, though, is changing: commercial firms, or at least those in the CNI field, are starting to take cyber risk more seriously. According to Etienne Greeff, CEO of SecureData, a consultancy, business leaders are starting to ask about the 10 Steps document, and ask if they are doing enough. That, at least, is a step in the right direction.

Stephen Pritchard is a contributing editor at IT Pro.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022