With the UK government committing 1.9 billion of spending to shore up the country's cybersecurity defences, experts in the field have given their verdicts on what the announcement will mean for the industry and the nation.
Sam Millar, litigation & regulatory partner at global law firm DLA Piper, told IT Pro that the chancellor was right to emphasise the need for the UK to keep up with the scale and pace of cyber threats.
"It is clear that individuals and businesses are not yet equipped to cope with these collective risks likened by Hammond as being as dangerous a threat to our national security as terrorism. It is vital that the government ensures that law enforcement efforts and legislation to tackle cybercrime are agile, up-to-date and robust so that the ever-evolving risks are managed and criminals prosecuted swiftly wherever possible."
Millar said that on the corporate side, there is no doubt that responsibility for ensuring that organisations are as secure as they can be against cyber attacks rests firmly with the CEO and the board.
"How that responsibility is exercised and the extent of resources deployed will differ from corporate to corporate and sector to sector," he said.
"Stronger partnerships between government, law enforcement, industry (in all sectors) and academia will be essential if the UK is to protect its businesses and infrastructure both physical and digital - and ultimately remain a global leader," Millar added.
Mark O'Halloran, a partner at law firm Coffin Mew, told IT Pro that the new strategy is "great news" for business as it shows the government's commitment to invest significantly in taking on large-scale and state-sponsored cybercrime.
"But business should not be complacent and think this means the cyber environment will become easier to navigate," he said.
"The onus will still very much be on companies to shore up their own cybersecurity. We've seen from the ICO's record-breaking 400,000 fine of TalkTalk that the government expects companies to invest heavily themselves and adopt state-of-the-art protection."
He added that when GDPR comes into play in May 2018, the ICO will be able to impose even heftier fines up to 4% of a company's global turnover for data breaches - even those resulting from targeted hacking by sophisticated criminals.
"Companies should always remain vigilant and remember that the most successful hacks result, not from clever software, but from human vulnerabilities. One of the most common types of incursions, spear phishing, simply needs an unsuspecting employee to respond to an apparently genuine email asking them to verify their login details."
O'Halloran said that training employees in cyber awareness will remain as essential as deploying the latest anti-virus and attack detection software.
"Therefore, the government may help prevent massive Denial of Service (DDoS) attacks, but that won't stop a friendly phone call to your finance team from someone claiming to work in your IT department needing to run a software update."
Mike East, VP EMEA at CrowdStrike, told IT Pro that the UK's cash injection to shore up cyber defence is a nod to its acceptance that reactive action to cyber threats is no longer enough. The next step is to use intelligence to support the detection and management of attacks, and better counter criminal activity, he said.
"The theft of information to uncover a government's national security strategy is one thing, but the theft of information in order to influence elections, is another - it changes the dynamic," said East.
"Ultimately, the UK government has a fundamental right to protect its citizens. Moving forwards, it must focus on understanding its adversaries better their motives, their tactics, and how that intelligence can be used in order to stay one step ahead."
Jonathan Martin, cybersecurity & cloud department manager of IT recruitment firm Networkers, saidhis firm welcomed the government's 1.9 billion investment into cybersecurity, and was pleased to hear that some of this investment will be dedicated towards education and training of cybersecurity experts.
But he warned that there is currently a shortage of cybersecurity experts to manage the increasing problems presented by the integration of tech into our daily lives.
"As industry incorporates more and more technology, the need for these experts will only increase and as a result, we anticipate a steep rise in demand for their skills. Without a concerted programme to entice the next generation, the UK could leave itself vulnerable," he said.
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
2022 Public Sector Identity Index ReportWhitepaper UK Report
-
UK, US condemn Iran for ‘unprecedented’ cyber attack against AlbaniaNews The Balkan nation has cut ties with Iran following the hack, which took down national infrastructure and exposed government information
-
Majority of UK's top business leaders are failing to manage supply chain security risksNews New findings from a DCMS review have sparked concern in government which could see new laws introduced to protect Britain's digital supply chains
-
Department of Health and Human Services must improve cyber security info sharingNews GAO report finds HHS has made progress, but better coordination would increase health care security
-
Biden appoints new federal CIONews Her challenge is to modernize government IT systems and improve accessibility
-
Department of Defense appoints John Sherman as acting CIONews Cloud modernization and SolarWinds fallout likely to top his to-do list
-
What is identity management and what role does it play in a security strategy?In-depth Make sure only the right people have access to your infrastructure
-
Homeland Security warns businesses of Oracle and SAP ERP vulnerabilitiesNews Oracle and SAP urge customers to apply patches to secure systems against hackers
