In-depth

Experts say UK must keep pace with cyber threats

Industry welcomes £1.9bn investment, but highlights skills shortage

With the UK government committing 1.9 billion of spending to shore up the country's cybersecurity defences, experts in the field have given their verdicts on what the announcement will mean for the industry and the nation.

Sam Millar, litigation & regulatory partner at global law firm DLA Piper, told IT Pro that the chancellor was right to emphasise the need for the UK to keep up with the scale and pace of cyber threats.

"It is clear that individuals and businesses are not yet equipped to cope with these collective risks likened by Hammond as being as dangerous a threat to our national security as terrorism. It is vital that the government ensures that law enforcement efforts and legislation to tackle cybercrime are agile, up-to-date and robust so that the ever-evolving risks are managed and criminals prosecuted swiftly wherever possible."

Millar said that on the corporate side, there is no doubt that responsibility for ensuring that organisations are as secure as they can be against cyber attacks rests firmly with the CEO and the board.

"How that responsibility is exercised and the extent of resources deployed will differ from corporate to corporate and sector to sector," he said.

"Stronger partnerships between government, law enforcement, industry (in all sectors) and academia will be essential if the UK is to protect its businesses and infrastructure both physical and digital - and ultimately remain a global leader," Millar added.

Mark O'Halloran, a partner at law firm Coffin Mew, told IT Pro that the new strategy is "great news" for business as it shows the government's commitment to invest significantly in taking on large-scale and state-sponsored cybercrime.

"But business should not be complacent and think this means the cyber environment will become easier to navigate," he said.

"The onus will still very much be on companies to shore up their own cybersecurity. We've seen from the ICO's record-breaking 400,000 fine of TalkTalk that the government expects companies to invest heavily themselves and adopt state-of-the-art protection."

He added that when GDPR comes into play in May 2018, the ICO will be able to impose even heftier fines up to 4% of a company's global turnover for data breaches - even those resulting from targeted hacking by sophisticated criminals.

"Companies should always remain vigilant and remember that the most successful hacks result, not from clever software, but from human vulnerabilities. One of the most common types of incursions, spear phishing, simply needs an unsuspecting employee to respond to an apparently genuine email asking them to verify their login details."

O'Halloran said that training employees in cyber awareness will remain as essential as deploying the latest anti-virus and attack detection software.

"Therefore, the government may help prevent massive Denial of Service (DDoS) attacks, but that won't stop a friendly phone call to your finance team from someone claiming to work in your IT department needing to run a software update."

Mike East, VP EMEA at CrowdStrike, told IT Pro that the UK's cash injection to shore up cyber defence is a nod to its acceptance that reactive action to cyber threats is no longer enough. The next step is to use intelligence to support the detection and management of attacks, and better counter criminal activity, he said.

"The theft of information to uncover a government's national security strategy is one thing, but the theft of information in order to influence elections, is another - it changes the dynamic," said East.

"Ultimately, the UK government has a fundamental right to protect its citizens. Moving forwards, it must focus on understanding its adversaries better their motives, their tactics, and how that intelligence can be used in order to stay one step ahead."

Jonathan Martin, cybersecurity & cloud department manager of IT recruitment firm Networkers, saidhis firm welcomed the government's 1.9 billion investment into cybersecurity, and was pleased to hear that some of this investment will be dedicated towards education and training of cybersecurity experts.

But he warned that there is currently a shortage of cybersecurity experts to manage the increasing problems presented by the integration of tech into our daily lives.

"As industry incorporates more and more technology, the need for these experts will only increase and as a result, we anticipate a steep rise in demand for their skills. Without a concerted programme to entice the next generation, the UK could leave itself vulnerable," he said.

Featured Resources

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Evaluate your order-to-cash process

15 recommended metrics to benchmark your O2C operations

Download now

AI 360: Hold, fold, or double down?

How AI can benefit your business

Download now

Getting started with Azure Red Hat OpenShift

A developer’s guide to improving application building and deployment capabilities

Download now

Recommended

Hackers publish over 4,000 files stolen from SEPA in ransomware attack
Security

Hackers publish over 4,000 files stolen from SEPA in ransomware attack

22 Jan 2021
Weekly threat roundup: SAP, Windows 10, Chrome
vulnerability

Weekly threat roundup: SAP, Windows 10, Chrome

21 Jan 2021
Biden nominees highlight tough cyber security challenges
cyber security

Biden nominees highlight tough cyber security challenges

20 Jan 2021
Report: Security staff excluded from app development
cyber security

Report: Security staff excluded from app development

20 Jan 2021

Most Popular

SolarWinds hackers hit Malwarebytes through Microsoft exploit
hacking

SolarWinds hackers hit Malwarebytes through Microsoft exploit

20 Jan 2021
How to recover deleted emails in Gmail
email delivery

How to recover deleted emails in Gmail

6 Jan 2021
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

12 Jan 2021