The UK Government has published its new National Cyber Strategy.
Home Secretary Priti Patel said: “Cybercrime ruins lives and facilitates further crimes such as fraud, stalking, and domestic abuse. Billions of pounds are lost each year to cybercriminals who steal or hold personal data to ransom and who disrupt key public services or vital sectors of the national economy. This strategy will significantly improve the Government’s response to the ever-changing threat from cybercrime and strengthen law enforcement’s response in partnership with NCSC [National Cyber Security Centre] and the National Cyber Force. We all have a part to play in protecting ourselves from cybercrime. It is important that as a society, we take this threat seriously.”
NCSC chief Lindy Cameron, pictured, was among cyber figures who spoke at the launch of the document in Birmingham; due to the Omicron variant of coronavirus what had been intended to be an in-person launch at the ICC was an appropriately mainly online event.
The wide-ranging document covers diversity, skills, professional standards, what the government can do and what with others such as academia, and the tech sector. The strategy was, the launch heard, ambitious. The Government is announcing a new “Cyber Explorers” online training platform which will teach young people cyber skills in classrooms; a Royal Charter for the umbrella body UK Cyber Security Council has been approved by the Queen. Also new: a National Laboratory for Operational Technology Security; and a National Cyber Advisory Board (NCAB).
The Product Security and Telecommunications Infrastructure Bill is to enforce minimum security standards in all new consumer ‘smart’ products, such as fridges and toys. Also promised is ‘a regionally delivered model’ rather than London-based cyber firms; hubs, clusters or eco-systems, such as in (to name two mentioned by Lindy Cameron) around Queen’s University Belfast in Northern Ireland; and Malvern (as featured in the December print edition of Professional Security magazine, and showcased in the 3CDSE exhibition which also featured the defence side of private security).
Sir Jeremy Fleming, Director GCHQ said: “The National Cyber Strategy builds on the country’s strong foundations in cyber security that GCHQ’s work has been part of, particularly through the NCSC. But it goes beyond that. It brings together the full range of cyber activities, from skills to communities, and to the use of offensive cyber capabilities through the newly established National Cyber Force.
“It shows how the UK can build capacity across the country to continue to prosper from the opportunities of cyberspace. And, as a leading responsible cyber power, can build alliances with democratic partners around the world to protect a free, open and peaceful cyberspace.”
You can read the strategy in several places; for instance the GCHQ website.
Comment
Jamie Collier, Cyber Threat Intelligence Consultant at Mandiant, welcomed the strategy as ‘a positive and assertive vision’. He said: “This latest strategy adopts a more encompassing view of cyber that extends beyond security to also connect with broader themes of diplomacy, national power, and statecraft. It presents a proactive vision in responding to both state-backed espionage and cyber criminal activity, recognising that public attribution and even cyber sanction regimes have not always been successful in fundamentally altering the actions of attackers. The recently announced National Cyber Force indicates a new appetite to deter state operations more directly by disrupting adversary network infrastructure.
“The strategy also sets out a firm approach to countering cybercrime, likely in response to the devastating impact of ransomware in the UK and around the world over the past two years. There is a clear willingness to disrupt the cyber criminal ecosystem and the affiliated tools and services that empower criminal groups. With £2.6 billion earmarked for cyber security over the coming five years, the Government clearly remains highly committed to its central vision to keeping the UK a secure and attractive digital economy. It is encouraging to see that spending plans are largely focused on maintaining existing initiatives, as this highlights that the UK Government has already established many of the foundational elements of its national cyber capability and can now build on this momentum. Putting the groundwork in establishing the National Cyber Security Centre (NCSC) five years ago really paid off for example, as the NCSC is now looked to as an exemplar from international counterparts and is a frequent destination when heads of state visit the UK.”
