UK Fails To Act Against Cyber Threats

Ministers in the UK are failing to act with “a meaningful sense of purpose or urgency” in the face of the growing cyber threat to the nation’s critical national infrastructure, a parliamentary committee has warned.

The Joint Committee on National Security Strategy said while states such as Russia were expanding their capability to mount disruptive cyber-attacks, the level of ministerial oversight was “wholly inadequate”.

It urged Theresa May to appoint a single cyber security minister in the Cabinet Office to take charge of the efforts to build national resilience.

The committee, made up of senior MPs and peers, also called on the Government to “prioritise” continued information-sharing and collaboration on cyber with the EU in the Brexit talks. It noted the Government assessed a major cyber-attack on the UK critical national infrastructure (CNI) represented a “top tier” threat to national security, with potentially “devastating” consequences.

But while ministers had explicitly acknowledged the need to improve resilience, it said their efforts had failed to match the level of risk.

“While we applaud the aspiration, it appears the Government is not delivering on it with a meaningful sense of purpose or urgency,” it said.

“Identifiable political leadership is lacking.

“There is little evidence to suggest a ‘controlling mind’ at the centre of government, driving change consistently across the many departments and CNI sectors involved.

“We are concerned that the current complex arrangements for ministerial responsibility mean that day-to-day oversight of cross-government efforts is, in reality, led by officials, with ministers only occasionally ‘checking in’.

“This is wholly inadequate to the scale of the task facing the Government, and inappropriate in view of the Government’s own assessment that major cyber-attacks are a top-tier national security threat.”

The committee welcomed the establishment of the National Cyber Security Centre as the national technical authority but expressed concerns that expectations of what it could achieve were “outstripping the resources put at its disposal”.

It noted that a recent tightening of the regulatory regime “was not the Government’s own initiative but instead flows from our acceptance of EU-wide regulations”.

Ministers needed to do more, it said, to change the culture of CNI operators in the private sector to ensure the cyber threat was addressed at board level with an understanding that it must be “proactively managed”.

“It appears that the Government is reluctant to move more forcefully and, by default, continues to rely on market forces to improve operators’ cyber resilience, despite recognising the previous failure of this approach,” it said.

The committee chair, former foreign secretary Margaret Beckett, said: “We are struck by the absence of political leadership at the centre of government in responding to this top-tier national security threat.

“Too often in our past the UK has been ill-prepared to deal with emerging risks.

“The Government should be open about our vulnerability and rally support for measures which match the gravity of the threat to our critical national infrastructure.”

Gibraltar Chronicle:

You Might Also Read:

The UK Will Be Hit By A Category One Cyber-Attack

« The Way You Walk Will Reveal Your Identity To Surveillance Technology
Russians Impersonating US State Department Aide In Hacking Campaign »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

iXsystems

iXsystems

iXsystems is a leader in Open-Source enterprise server and storage solutions including Backup & Recovery to protect critical data.

FlashRouters

FlashRouters

FlashRouters offers DD-WRT compatible router models with improved performance, privacy/security options, and advanced functionality.

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

Zymr

Zymr

Zymr specialize in cloud computing solutions including Cloud Security, Cloud Mobility, Cloud Apps, Cloud Infrastructure and Cloud Orchestration.

INCIBE-CERT

INCIBE-CERT

INCIBE-CERT is the reference security incident response center for citizens and private law entities in Spain

Cyber Security Challenge UK

Cyber Security Challenge UK

Cyber Security Challenge UK is a series of national competitions, learning programmes, and networking initiatives designed to identify, inspire and enable more people to become cybersec professionals.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

Crypto4A Technologies

Crypto4A Technologies

Crypto4A quantum-ready cybersecurity solutions significantly improve protection for Cloud, loT, Blockchain, V2X, government and military application deployments.

Netlawgic Legal Services

Netlawgic Legal Services

Netlawgic is exclusively focused on delivering cyber law solutions to the industry. We provide our clients with specialized attention and problem solving in all aspects of cyber law.

Casque SNR

Casque SNR

CASQUE SNR is the next generation of Identity Assurance that has potential to supersede existing solutions. It provides Identity Assurance for both people and things.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

ORS Consulting

ORS Consulting

ORS Consulting is a specialist provider of risk management advisory services supporting asset-intensive industries such as chemicals, energy, power and utilities, defence and maritime.

Securonix

Securonix

Securonix delivers a next generation security analytics and operations management platform for the modern era of big data and advanced cyber threats.

TrueBees

TrueBees

TrueBees is the first deepfakes detector able to detect AI-generated portraits shared on social media and to prevent their diffusion across the web.

Trovent Security

Trovent Security

Trovent was founded with a clear goal: to support medium-sized companies in significantly increasing their IT security level.