The UK government has identified cyber security as a key area of focus and new investment and in 2011 announced a budget of £650 million to shore up defenses in the UK. So after two years, let’s examine how it’s been spent.
Here’s some of the good things that have resulted from the investment
- SOCA took down 36 website domains that sold credit card data –a small tip of the iceberg, but progress.
- 15,000 fraud websites were suspended
- GCHQ announced a scheme to help companies deal with cyber attacks and give guidance on response to a compromise
- 8 universities have been given the Academic Centre for Excellence in Cyber Security and Research
- CISP, the Cyber security Information Sharing Scheme
However, there are still areas that need further investment
- 60% of the budget was spent on ‘detect and defend’ – we hope that ‘response’ is also a large portion of this investment although it’s not very clear
- The government needs to do a lot more to collaborate with the security industry and ensure that skills and knowledge can be exchanged
- According to the UK National Audit Office it will take the UK up to 20 years to meet the required skills in Cyber security. The universities are a good start but a lot more will have to be done to educate the citizens and raise awareness on cyber security
- Agility is a key factor on where and how this budget is spent. A continuous challenge facing any government is how quickly they can invest with a cyber security landscape that is evolving every day.
The threat to cyber security is persistent and continually evolving. Business, government and the public must constantly be alert to the level of risk if they are to succeed in detecting and resisting the threat of cyber attack. It’s good that the Government has articulated their policy and published some results to date. We’ll have to wait and see if the remainder of the funding is spent to meet the goals initially set out.
