The UK government’s first annual report on the implementation of the 2015 National Security Strategy has reaffirmed that cyber-security remains a key priority.
The 39 page report (pdf) lists cyber-security alongside Russia’s actions in Syria and Ukraine and terrorism as among the greatest threats Britain faces.
The range of cyber threats and cyber actors threatening the UK has grown significantly – both from state and non-state actors. The UK increasingly relies on networked technology in all areas of society, business and government. This means that we could be vulnerable to attacks on parts of networks that are essential for the day-to-day running of the country and the economy.
The government goes on to say that it is “working with industry, especially communications service providers, to make it significantly harder to attack UK internet services and users, and to greatly reduce the prospects of successful attacks having a sustained impact on the UK”.
The National Cyber Security Centre, which opened for business in October, will have a key role in co-ordinating response and developing best practice.
PM Theresa May's administration updated the National Cyber Security Strategy in November 2016. The updated strategy - which did not contain any new spending pledges - is expected to include an increase in focus on investment in automated defences to combat malware and spam emails as well as a greater emphasis on building skills and research. The revamped programme also places a greater emphasis on active cyber defence, a broad term that in practice means anything from running honeypot networks to hacking back against adversaries.
We continue to invest in cyber detection and response, as attacks against the UK continue to rise. Over the last year, we have developed new technical capabilities to improve our ability to detect and analyse sophisticated cyber threats. Law enforcement continues to work with industry partners to increase specialist capability and expertise, as well as providing additional training in digital forensics. We are also continuing to progress our Active Cyber Defence measures against high-level threats, by strengthening UK networks against high volume/ low sophistication malware.
The report unveiled plans, still only at the proof of concept stage, to develop a new secure cross-government network to “enable more efficient handling of national security matters”. No timetable was given for what might be described as the Government Secure Intranet (GSI) 2.0.
Skills are always a key problem in the cyber security arena. The UK government wants to promote cyber security education, starting with teenagers in schools and going all the way up to university programmes.
A new Cyber Security Skills Strategy is now under development, which will set out how we will work with industry and academic providers to secure a pipeline of competent cyber security professionals.
GCHQ’s CyberFirst scheme was established to identify, support and nurture the young cyber talent the UK will need in the digital age. In 2016, we announced a major expansion to the scheme, including a programme in secondary schools, with the aim of having up to a thousand students involved by 2020. The first cohort of 14-17 year olds will begin training under this programme in 2017.
We are working with industry to establish specific cyber apprenticeships for three critical national infrastructure sectors: energy, finance and transport. Acknowledging the key role universities play in skills development, we are also working to identify and support quality cyber graduate and postgraduate education, building on the certification programme for cyber security Masters courses, established by GCHQ. We are working to establish an active body to provide visible leadership and direction to the cyber security profession, and to advise, shape and inform national policy.
Moving towards tackling cyber crime, the National Crime Agency (NCA) and the police have increased their numbers of ‘cyber specials’ working alongside law enforcement officers on cyber crime, and are “making good progress towards a target of 80 cyber specials in post by the end of March 2018”. To tackle criminal use of the 'dark web', a new Dark Web Intelligence Unit has been established within the NCA, the report states.
“The upgrade of its capability will continue throughout the 2016-17 financial year and beyond leading to significantly greater technical capability. This will enable the use of multiple data sources, offer new and different types of analysis, and coordinate with multiple agencies to deal with issues at scale.”
Back to more mundane matters, the UK government is also investing in regional cyber crime prevention coordinators, who “engage with SMEs and the public to provide bespoke cyber security advice”.
On a related theme, UK.gov promised to promote its Cyber Essentials scheme to help businesses protect against common cyber threats.
Although GCHQ and policing agencies are most vested in developing cyber security policies, the cyber arena also enters into the work of other government departments. For example, the FCO’s £3.5m Cyber Security Capacity Building Programme is delivering a portfolio of 35 projects benefiting 70 countries to support the “openness and security of networks that extend beyond our own borders”.
To help promote commercial endeavours in security the government is introducing two new cyber innovation centres based in Cheltenham and London; academic start-ups; a £10m Innovation Fund; a proving ground; and an SME boot camp.
“GCHQ has reached out to industry and encouraged firms to invest in cyber security research through the CyberInvest programme which now has 25 industry members committed to investing millions of pounds in cyber security research at UK universities over the next five years,” the government report added. ®