The first Government Cyber Security Strategy (GCSS) will see close to £40 million invested in strengthening the defences of the UK’s public sector.
That's according to an announcement made by the Cabinet Office, which follows a report from NCSC’s that found around 40% of all cyber incidents recorded between September 2020 and August 2021 were aimed at the public sector. Some of the most notable attacks targeted Hackney Borough Council in November 2020 and, more recently, Gloucester City Council.
The newly-launched GCSS plans to spend £37.8 million on bolstering the cyber resilience of local authorities in an effort to protect essential services such as housing benefits, voter registration, electoral management, school grants, and the provision of social care.
The strategy will see the establishment of a new Government Cyber Coordination Centre (GCCC) that will aim to rapidly identify, investigate, and coordinate the government’s response to attacks on public sector systems.
Outlook 2022: Five priorities for boards, management & governance professionals
What’s driving the future of governance
In addition, the GCSS will also include the creation of a new cross-government vulnerability reporting service that will bring together security researchers as well as members of the public for the easy reporting of issues with public sector digital services.
In a speech scheduled to be given later today, Chancellor of the Duchy of Lancaster Steve Barclay will declare that “the cyber threat is clear and growing”, with the UK now being the “third most targeted country in the world in cyberspace from hostile states”.
“If we want people to continue to access their pensions online, social care support from local government or health services, we need to step up our cyber defences,” he is expected to say, before adding that the government is “investing over £2 billion in cyber, retiring legacy IT systems and stepping up our skills and coordination”.
The GCSS builds on the recently unveiled £2.6 billion National Cyber Strategy that prioritises investing in the nation’s digital skills, improving cyber security response and recovery tactics, and deterring and disrupting state-backed cyber attacks against the UK.
The priorities are part of five “pillars” that are expected to be implemented by 2025: strengthening the UK cyber ecosystem; building a resilient and prosperous digital UK; taking the lead in the technologies vital to cyber power; advancing UK global leadership and influence for a more secure, prosperous and open international order; and detecting, disrupting, and deterring adversaries to enhance UK security in and through cyber space.
