Computer games: Why the next world war could be fought online
IT has made it easier than ever for remote attacks against critical infrastructure, but how prepared are we for this?
As the NATO report suggests, the threat cyber attacks pose to the well-being of citizens and the economy is a concern many countries are aware of. And the UK isn't any different.
There has also been the launch of the Home Office's new Cyber Crime Reduction Partnership in March 2013, which aims to pool the resources of crime fighters, academics and business leaders to help the UK stay one step ahead of cyber threats.
That same month also marked the arrival of the Government's much-hyped Cyber Security Information Sharing Partnerships (CISP) initiative.
This undertaking is designed to make it easier for private sector firms to share information about current cyber threats with the public sector.
While the UK may not yet have suffered from a high-profile Stuxnet-like attack, we have been targeted by some serious stuff.
MI5 chief Jonathan Evans shed some light on the attacks our nation has suffered during a presentation in June 2012.
They included one against a London listed company that resulted in the firm suffering losses totalling 800 million.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"We are currently investigating cyber compromises in over a dozen companies and are working with many others that are of high economic value...that are potential targets of hostile state cyber activity. But this is only a tiny proportion of those affected," said Evans at the time.
IEEE's Curran says, aside from these activities, there are also other signs to suggest the UK Government is taking cyber threats seriously.
"The Government advertised quite a number of internet security jobs in MI5 and [in March] I noted that a senior MI5 counter intelligence expert had been hired by the House of Commons to defend MPs from cyber attacks amid fears foreign agents have penetrated Parliament's computer system," he claims.
While it is very difficult to predict the methods and behaviour of an attack that could hit the UK, the Government needs to offer more support to the education market for research and knowledge building purposes, Curran adds.
"The most important thing the Government can do is emphasise the importance of building cyber security education programmes in universities and further education colleges. There should be a push to encourage more computer scientists and engineers to enter the security field," he explains.
"I find students foolishly seeking the computer gaming world where there are few jobs and ignoring the very exciting world of ethical hacking. I know which I would choose if I wasto start again."
Educating employees about cyber threats is also important, argued several of the people IT Pro spoke to for this article, as their actions - intentional or otherwise - can lead to their organisation's security defences being compromised.
Webroot's Erasmus said companies in all sectors need to make cyber security education a regular part of their employees' training and development schedule.
"Simply relying on an education and training program once a year for employees on the cyber threats that face their organisation is simply not enough," he says.
"The easiest way in [for an attacker] is via employees and using social engineering to silently gain access to corporate and Government assets.
"Organisations rely on employees to be able to identify these attacks when they are put in front of them, but not enough is being done to empower them to do this."