UK cybersecurity ‘in good place’ to fend off threats

UK cybersecurity is 'in a good place' and is poised to evolve to match the threats of attacks the world over.
3 December 2018

It could be worth having a policy in place. Source: Shutterstock

With all the distractions of Brexit— especially in light of alleged Russian interference— it’s comforting to note that cybersecurity in the UK is ‘in a good place’ according to the deputy director of the National Cyber Security Strategy, Mark Sayers .

Sayers believes that the successful formation of the National Cyber Security Centre (NCSC) “was about bringing together our very best intelligence and technical expertise into a single world-leading authority, which has undertaken some pretty pioneering work in its first two years.”

He added that the government has continued to invest and build the UK’s cyber capabilities across UK law enforcement, lauding “ground-breaking early intervention programs” to deter cyber criminals and the impact of school and university-led education programs.

The NCSC laid out a new procedure, dubbed the ‘Equities Process’, that describes how it makes decisions on when to make public the discovery of new flaws. Its technical director, Ian Levy, says that “there’s got to be a good reason not to disclose”.

The default position of the NCSC is to disclose vulnerabilities only once the fixes have been made. But he did say that the government could keep them confidential if there is an overriding intelligence reason. Preventing cyber-attacks like “WannaCry” back in 2017, for example, is now a key goal for the agency.

While the UK is certainly confidence in its ability to handle cyber threats, however, a related report by Frost & Sullivan revealed there could be a shortage of 1.8 million workers in the IT sector by 2022.

The findings were stark enough to form part of a parliamentary hearing by the Joint Committee on the National Security Strategy. Thales eSecurity’s VP of Sales, Peter Carlisle, believes that upskilling the UK workforce is long overdue to bridge the gap in the skills and knowledge required to combat increasingly sophisticated threats.

He added that the UK’s program for cyber reservists should focus on the development and nurturing of these skills in order to provide better career progression, and ultimately provide better protection for businesses as a whole.