News that a senior army general has been appointed to take charge of Britain’s £650m cyber security defence programme is a positive sign in the progression of the Government’s approach. http://www.scmagazineuk.com/government-moves-forward-on-cyber-crime-strategy/article/198523/
It’s another key step in their efforts to bolster protection, and whilst there is no detail on all the measures that are being taken, it does signal the seriousness with which the cyber crime threats are being taken.
The Armed Forces minister Nick Harvey has also said that the MoD is developing a joint approach with industry and co-operation will be vital in strengthening defences. We have to remember that we’re dealing with cyber criminals who are becoming increasingly skilled in evading detection – a collaborative approach between public and private sectors will be vital to mitigate these new threats.
What we must remember though is that Government initiatives can help set the agenda, they can’t protect all of the country or all of the businesses in it. “The government cannot and should not attempt to tackle this issue by itself,” Harvey said. I think the emphasis here is on the “cannot”.
The joint approach, if successful in moving beyond just talking about it, will also bring significant benefits in threat awareness levels, education and common threat response approaches. However one big challenge with this holistic theme is that some attacks are just too targeted to trigger the “sensors” on many different systems that a nationwide monitoring system might need to “see” the threat.
If someone is targeting just one bank or just one electricity company the noise that threat makes will be very low level nationally and requires the bank or electricity company to make sure its house is in order to respond or counter the threat – not the government.
So whilst these announcements are in fact progress, it does not remove the need for individual companies to protect themselves from these increasingly morphic or evasive threats we see coming.