UK Cyber Security – Future Plans

12 August 2016

Amethyst’s Ross Thomson looks ahead


A quick search for the term ‘cyber’ on the BBC website returns a list of results that, just for the past three months, include attacks on Mumsnet, Delta and American airlines, South Yorkshire Police, GoToMyPC and Wendy’s food chain.  It is not surprising that we hear a lot about US breaches as they have a legal requirement to disclose them but there is no doubt that UK business and government are also being targeted. 

Cyber is still considered a UK Tier 1 threat and to give credit to the Government it does recognise this reality.  George Osborne’s speech to GCHQ in November 2015 announced a major commitment to tackling the cyber terrorism, crime and espionage threats, all of which are exploiting cyber space and its associated vulnerabilities.  Looking back to what has been achieved since 2012 when the Cyber Security Strategy was launched and over £1Bn has been spent, the Director of Cyber Security at GCHQ admitted that it “hasn’t worked” and there is now an obvious requirement to refocus the UK’s effort.  So what is the plan for the UK?

Well the new initiatives announced in the National Cyber Security Plan include:

  • A commitment to increase cyber funding to £1.9Bn by 2020

  • An intent to recruit 1,900 additional staff into the security and intelligence agencies

  • Enactment of the Investigatory Powers Bill which will strengthen detection and investigatory capabilities

  • The launch of the National Cyber Security Centre (NCSC) in October 2016

  • Creation of a stronger Active Defence Programme, which will seek to explore whether Internet Service Providers (ISPs) can work together to divert and block malware attacks

  • A renewed crackdown on cyber-criminals, with increased capabilities for the National Cyber Crime Unit (NCCU)

  • A new Institute for Coding called the Centre for Digital Skills and Computer Science, which will train the nation’s next generation of coders

  • An ambitious new cyber skills programme whose aim is to build the cyber skills necessary to protect the UK

  • Development of a stronger cyber sector by creating a Cyber Innovation Centre in Cheltenham to house and support cyber start-ups in their early months

  • A new Cyber Security Strategy to be published in late 2016

The highlight is probably the creation of the NCSC, which will bring together the information security arm of GCHQ, the Centre for the Protection of National Infrastructure, CERT-UK and the Centre for Cyber Assessment.  The aim is to build on their existing capabilities and significantly simplify the current arrangements.

It is also noteworthy that there is an emphasis on developing the cyber skills. The ISACA survey conducted in late 2015 found an alarming 86% of business and IT professionals globally believe there is a shortage of cyber security professionals. Government and law enforcement face an even greater challenge constrained as they are by low salaries and public sector pay freezes.

So will this make a difference? Maybe, maybe not; the National Crime Agency suggests that UK is not winning the cyber arms race or even keeping pace.  However, taking an optimistic view, it is worth remembering that we probably lead the world in this area and are better placed than most to protect our digital society.

Contact us for more information

<< Back to Latest News items