UK Fails To Act Against Cyber Threats

Uploaded on 2018-11-27 in NEWS-Cybersecurity News, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

Ministers in the UK are failing to act with “a meaningful sense of purpose or urgency” in the face of the growing cyber threat to the nation’s critical national infrastructure, a parliamentary committee has warned.

The Joint Committee on National Security Strategy said while states such as Russia were expanding their capability to mount disruptive cyber-attacks, the level of ministerial oversight was “wholly inadequate”.

It urged Theresa May to appoint a single cyber security minister in the Cabinet Office to take charge of the efforts to build national resilience.

The committee, made up of senior MPs and peers, also called on the Government to “prioritise” continued information-sharing and collaboration on cyber with the EU in the Brexit talks. It noted the Government assessed a major cyber-attack on the UK critical national infrastructure (CNI) represented a “top tier” threat to national security, with potentially “devastating” consequences.

But while ministers had explicitly acknowledged the need to improve resilience, it said their efforts had failed to match the level of risk.

“While we applaud the aspiration, it appears the Government is not delivering on it with a meaningful sense of purpose or urgency,” it said.

“Identifiable political leadership is lacking.

“There is little evidence to suggest a ‘controlling mind’ at the centre of government, driving change consistently across the many departments and CNI sectors involved.

“We are concerned that the current complex arrangements for ministerial responsibility mean that day-to-day oversight of cross-government efforts is, in reality, led by officials, with ministers only occasionally ‘checking in’.

“This is wholly inadequate to the scale of the task facing the Government, and inappropriate in view of the Government’s own assessment that major cyber-attacks are a top-tier national security threat.”

The committee welcomed the establishment of the National Cyber Security Centre as the national technical authority but expressed concerns that expectations of what it could achieve were “outstripping the resources put at its disposal”.

It noted that a recent tightening of the regulatory regime “was not the Government’s own initiative but instead flows from our acceptance of EU-wide regulations”.

Ministers needed to do more, it said, to change the culture of CNI operators in the private sector to ensure the cyber threat was addressed at board level with an understanding that it must be “proactively managed”.

“It appears that the Government is reluctant to move more forcefully and, by default, continues to rely on market forces to improve operators’ cyber resilience, despite recognising the previous failure of this approach,” it said.

The committee chair, former foreign secretary Margaret Beckett, said: “We are struck by the absence of political leadership at the centre of government in responding to this top-tier national security threat.

“Too often in our past the UK has been ill-prepared to deal with emerging risks.

“The Government should be open about our vulnerability and rally support for measures which match the gravity of the threat to our critical national infrastructure.”

Gibraltar Chronicle:

You Might Also Read:

The UK Will Be Hit By A Category One Cyber-Attack

« The Way You Walk Will Reveal Your Identity To Surveillance Technology
Russians Impersonating US State Department Aide In Hacking Campaign »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Wisegate

Wisegate

Wisegate is a community of IT experts providing advisory services on all areas of IT including security.

Security Onion Solutions

Security Onion Solutions

Security Onion Solutions is the creator and maintainer of Security Onion, a free and open platform for threat hunting, network security monitoring, and log management.

PrivateCore

PrivateCore

We protect data-in-use from hackers trying to steal data such as encryption keys, certificates, intellectual property.

DOS

DOS

DOS is an Ecuadorian company with 3 decades of presence in the market and extensive experience in the planning, management and execution of IT Service Integration Projects.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

DAkkS

DAkkS

DAkkS is the national accreditation body for Germany. The directory of members provides details of organisations offering certification services for ISO 27001.

CryptoSec.info

CryptoSec.info

CryptoSec.info is a web resource focused on educating the beginners in the cryptocurrency space on how to properly secure their online assets from hackers and scammers.

SOC.OS Cyber Security

SOC.OS Cyber Security

SOC.OS is an alert correlation and triage automation tool. It correlates and prioritises your alerts, boosting productivity, enhancing threat visibility and shortening mean time to respond.

PreEmptive Solutions

PreEmptive Solutions

PreEmptive Protection hit the sweet spot between cost, convenience and functionality by helping you protect and secure your apps in a smarter way.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

Comparitech

Comparitech

Comparitech strives to promote cyber security and privacy for all. We are committed to providing detailed information to help our readers become more cyber secure and cyber aware.

SE Ventures

SE Ventures

SE Ventures provides capital to big ideas and bold entrepreneurs who can benefit from Schneider Electric's deep domain expertise, R&D assets, and global customer base.

Cygna Labs

Cygna Labs

Cygna Labs is a software developer and one of the top three global DDI (DNS, DHCP, and IP address management) vendors.

TrueBees

TrueBees

TrueBees is the first deepfakes detector able to detect AI-generated portraits shared on social media and to prevent their diffusion across the web.

Guardian Angel Cyber

Guardian Angel Cyber

Guardian Angel Cyber, is your trusted ally in safeguarding your digital assets and online presence.

CompassMSP

CompassMSP

CompassMSP deliver Managed IT and cybersecurity solutions designed to unleash your business's full potential.