Comment

18.12.17

The cyber security strategy, one year on

The UK’s progress in strengthening cyber security measures since the national strategy came out has been encouraging, but more needs to be done to tackle the lingering issue of skills, says Talal Rajab, head of cyber and national security at techUK.

It’s no exaggeration to say that 2017 was the year that cyber was brought closer to the forefront of the public’s consciousness than ever before. With operations being cancelled due to the WannaCry ransomware attack that affected the NHS, to the Houses of Parliament suffering a brute force attack, public sector bodies were at the forefront of the government’s response to the growing cyber threat. That is why, through the National Cyber Security Strategy, the government set out an ambitious framework that aimed to make the UK the most secure place to live, work and do business online. 

Evaluating the strategy one year on, it is clear that its main efforts went into the establishment of the National Cyber Security Centre (NCSC) which, in its first year, responded to 590 significant cyber-attacks across the UK (read more on page 50).

The resources and expertise behind the NCSC are clear signs of the seriousness with which government takes cyber security. However, with an expected increase in state-sponsored threats, the UK will need to continue to raise the bar across the board in terms of its response and resilience. This includes the continued development of the regulatory framework, with the General Data Protection Regulation (GDPR) and Network and Information Systems Directive (NIS) due to come into effect in May 2018.

It is contingent, however, on a key issue that affects countries around the world: skills. Recent estimates suggest that there will be a global cyber security workforce shortfall of 1.8 million by 2022. That is primarily why the strategy commits the UK to developing “a sustainable supply of homegrown cyber professionals.” It has delivered a multitude of great initiatives looking to develop these skills, such as CyberFirst, along with a wider range of government and industry-backed schemes catering to digitals skills more generally.

Work is also currently being undertaken by the NCSC and DCMS to develop a professional body for cyber security, offering clearer career pathways that can only make the sector more attractive to potential candidates. Its development is surely to be supported, so long as it complements existing organisations and systems rather than adding a layer of complexity.

This progress is encouraging, but more could certainly be done to join these efforts up under a more coherent strategy and approach. Similarly, whilst the long-term fix of reaching those at school age is an important one, there is an urgent short-term need for initiatives that reskill the current workforce, identifying transferrable skills and creating pathways for returners. More can also be done to tap into the potential of candidates with neuro-diverse conditions.

The strategy has also seen the emergence of many exciting potential new initiatives that are aimed at growing the UK cyber sector and using our sovereign cyber capabilities to stay ahead of the threat. One cyber security innovation centre, based in Cheltenham, has opened and hosted some exciting cyber security start-ups, whilst another is due to open in London over the next 12 months. DCMS has also run ‘boot-camps’ for cyber start-ups and mentoring programmes for academics to help them turn their ideas into viable cyber security companies.

Another example is a potential ‘proving ground’ for cyber products to be tested by the NCSC. Clearly there will be sensitivities surrounding public endorsement by government bodies of private technologies, but as the UK moves to a global, more export-driven international framework (as advocated by current government ministers) UK industry successes should indeed be encouraged and promoted.

It’s too early to judge the National Cyber Security Strategy with four years still to go, but 2017 has given the UK a platform to achieve its ambitions and meet the growing challenges the UK cyber sector faces.

Top image © everythingpossible

 

FOR MORE INFORMATION
W: techuk.org
W: gov.uk/government/policies/cyber-security

Comments

There are no comments. Why not be the first?

Add your comment

 

public sector executive tv

more videos >

latest public sector news

Bill for cash-strapped council’s usage of ring-fenced money could be up to £16m

21/05/2018Bill for cash-strapped council’s usage of ring-fenced money could be up to £16m

 A new investigation into the usage of public funds by Northamptonshire County Council could levy the authority with a £16m grant bill... more >
Local authority’s enhanced powers ‘ripe for misuse’ for convicting hundreds of homeless, new figures show

21/05/2018Local authority’s enhanced powers ‘ripe for misuse’ for convicting hundreds of homeless, new figures show

People sleeping rough on Britain’s streets have been fined, given criminal records, or even imprisoned due to enhanced council powers to re... more >
Council calls on Whitehall to fix ‘broken’ funding system, rejects claims of bankruptcy

21/05/2018Council calls on Whitehall to fix ‘broken’ funding system, rejects claims of bankruptcy

A Conservative-controlled council has called on the government to sort out its “broken” funding system, and claimed it was not going ... more >
149x260 PSE Subscribe button

the raven's daily blog

The complexities of Brexit and the hunt for exceptional data scientists

16/04/2018The complexities of Brexit and the hunt for exceptional data scientists

Christopher Gallagher, public sector – SAS, says it’s imperative that organisations have the most experienced data scientists at hand. The Civil Service is feeling immense Brexit stress. Making the right decisions, analysing the ‘best interests’ of the nation as a whole, as well as discrete segments of the populati... more >
read more blog posts from 'the raven' >

interviews

GDPR: The public sector scarecrow

03/04/2018GDPR: The public sector scarecrow

SPONSORED INTERVIEW PSE’s Josh Mines chats to Martin de Martini, CIO of Y Soft, about what the General Data Protection Regulation (GDPR)... more >
Data at the heart of digital transformation

03/04/2018Data at the heart of digital transformation

SPONSORED INTERVIEW Grant Caley, UK & Ireland chief technologist at NetApp, speaks to PSE’s Luana Salles about the benefits of movin... more >
Keeping London safe

05/03/2018Keeping London safe

Theo Blackwell, London’s first-ever chief digital officer (CDO), speaks to PSE’s Luana Salles about the role he plays in ensuring the... more >
BIM: Digitising the public sector

19/02/2018BIM: Digitising the public sector

PSE’s Josh Mines talks to Stephen Crompton, CTO at GroupBC, and Stuart Bell, the company’s sales and marketing director, about how Bu... more >

last word

The importance of openness after Grenfell

The importance of openness after Grenfell

Following the recent Grenfell Tower tragedy, Lord Porter, chairman of the LGA, argues that if the public are going to have faith in the safety testing process then everything must be out in the o... more > more last word articles >

editor's comment

25/10/2017Take a moment to celebrate

Devolution, restructuring and widespread service reform: from a journalist’s perspective, it’s never been a more exciting time to report on the public sector. That’s why I could not be more thrilled to be taking over the reins at PSE at this key juncture. There could not be a feature that more perfectly encapsulates this... read more >

public sector focus

The legacy of Grenfell

30/04/2018The legacy of Grenfell

PSE’s Seamus McDonnell looks at the rea... more >
Inquiry warns of ‘lack of transparency’ around child sexual abuse failures

27/04/2018Inquiry warns of ‘lack of transparency’ around child sexual abuse failures

There has been a “lack of transparency&rd... more >