Today, the Chancellor, Philip Hammond, formally launched the government’s new five-year National Cyber Security Strategy. The aims of the new strategy are twofold, covering both protection and prevention. It details the actions that the government will take to protect the UK economy and the privacy of British citizens, and encourages industry to improve its ability to prevent damaging cyberattacks.
Cindy Rose, the new CEO of Microsoft UK, welcomed news of the strategy, saying, “The Chancellor’s announcement is the kind of initiative that the UK needs to protect British citizens from the growing threats we face.” The increase in interconnected domestic devices leaves citizens more vulnerable to cyberattacks, and many businesses are still using old legacy IT systems. These risks, combined with the wide availability of easy-to-use hacking tools, mean that we are all open to attack. The World Economic Forum’s 2016 Global Risks Report estimated the global cost of crimes in cyberspace at $445 billion, so a cohesive approach to cybersecurity is crucial to everyone, whether they are individual citizens or large organisations.
The new National Cyber Security Strategy outlines how the UK will use automated defences to protect citizens and businesses from cyberattacks, support this country’s cybersecurity industry and develop a world-class workforce in this field. Philip Hammond has emphasised the need for CEOs to ensure that their organisations are secure against cyberattacks, and has announced the creation of a new National Cyber Security Centre to provide support in this area. The Chancellor said, “Over the lifetime of this five-year strategy, we will invest £1.9 billion in defending our systems and infrastructure, deterring our adversaries and developing a whole-society capability – from the biggest companies to the individual citizen.”
The plan covers actions in three key areas:
- Defend. The government will strengthen its own defences and help industry to do the same, especially in sectors such as energy and transport, which form part of the UK’s national infrastructure. It will do this by using automated defence techniques to reduce the impact of cyberattacks, aiming to stop malicious email and viruses from ever reaching their intended recipients, for example.
- Deter. The government will ensure that persistent hackers are vigorously pursued. To this end, it is recruiting over 50 specialist cybercrime investigators and technical specialists to the National Cyber Crime Unit. Law enforcement capabilities will be enhanced to raise the cost of cybercrime and make it clear that the UK will defend itself in cyberspace.
- Develop. The government has committed to creating a new cybersecurity research institute, which will look at ways of improving the security of domestic devices such as smartphones, tablets and laptops. It will also look to increase investment in the next generation of students and experts.