- European cybersecurity professionals (87%) from NATO countries of Germany, France, and the United Kingdom see government-led initiatives as critical to national cyber defenses
- 82% of global respondents believe software supply chain risk management is of either high or crucial importance for national security
- The lack of in-house cyber skills and expertise prevents organizations from deploying cyber defense technologies
In light of recent events in Ukraine, there are concerns that governments are not adequately prepared or responsive to cyberattacks on critical infrastructure. Recently, hackers targeted one of Ukraine’s largest energy companies, trying to shut down substations, which would have caused blackouts for two million people. No doubts, government organizations are working hard to strengthen their cyber defenses. Still, the ongoing arms race between bad actors and security professionals means that new vulnerabilities and attack tactics are constantly emerging.
To complicate matters, the accelerating spread of digital technologies across all facets of society exposes government agencies to new risks that they need to defend against. As a result, the government has to regularly re-evaluate its cybersecurity strategies to stay ahead of the threat.
Room for improvement in cybersecurity partnerships
The 2022 Cyber Readiness report by Trellix found that European cybersecurity professionals (87%) from NATO countries of Germany, France, and the United Kingdom see government-led initiatives as critical to national cyber defenses.
Meanwhile, 86% of UK respondents believe there is room for improvement in cybersecurity partnerships between the government and organizations. In addition, 82% of global respondents stated that software supply chain risk management is of either high or crucial importance for national security. However, just 39% of UK respondents have fully implemented the policies and processes.
The never-ending game of hacker whack-a-mole
Government and critical infrastructure operators are playing a never-ending game of hacker whack-a-mole as they patch vulnerabilities to thwart cyberattacks. The uptick in ransomware is part of this cat-and-mouse game. Today’s hackers often seek to access computer networks for espionage or sabotage purposes rather than financial gain.
They are increasingly targeting systems and assets vital to a nation’s economic security, such as energy, transportation, or telecommunications systems. Cyberattacks against critical infrastructure have increased significantly over the past few years.
Lack of in-house cyber skills and expertise
The lack of in-house cyber skills and expertise prevents organizations from deploying cyber defense technologies. This highlights concerns around a shortage of specialist cyber security staff and the cost of implementing cyber defenses.
The respondents compromising German (48%), British (41%), and French (35%) acknowledged a lack of in-house cyber skills as a critical challenge to their implementation efforts. A lack of implementation expertise as a crucial barrier for a third of each group was also identified. These findings mirrored cybersecurity skills shortages in the US and the Asia Pacific.
“The UK government has previously set out the admirable vision to be a leading cyber power in 2030, able to protect and promote its interests in and through cyberspace in support of national goals. Yet as cybercriminals backed by nation-states up the ante, the UK – and every other country – will need to do the same to achieve this goal,” said Rech.
This will require a joint effort across the public and private sectors. To combat the heightened risk of hostile cyber activity today, the UK government’s push to strengthen collaboration with businesses and shore up defenses needs to be accelerated,” added Rech.
26 May 2023
26 May 2023