The UK government has announced an extra £16.5bn in defence spending which is biggest investment since cold war. A lot of this money is set to be invested in cyber-forces, with the creation of a National Cyber Force, which is a partnership between the military and the spy agency GCHQ.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics
The notable increase in UK military investment, particularly in cyber defense and automation, is a positive milestone in the government’s growing commitment to addressing new and emerging threats. Given the current technology skills shortage, especially in security – only five undergraduate computer science degrees are certified by the UK’s NCSC for cybersecurity content – it’s clear more needs to be done to prepare for and mitigate the impact of cybersecurity attacks. Both users and the creators of software will benefit from the investment, which could stimulate the economy through the creation of 40,000 new jobs.
There’s no shortage of security flaws to be fixed in the applications we use every day. We know from our Veracode State of Software Security research, for example, that 76% of apps have at least one security flaw. It is therefore essential that application security is closely considered as part of this investment, ensuring people are equipped with the skills, tools, and technology to create software that is robust from the outset.
To transform itself, the British military could follow the same way as its European peers as military organisations such as the German Army (Bundeswehr) are relying on open-source software. Using open-source and proprietary software carries both risks and benefits. Application security pioneer Veracode’s recent SoSS report has shown, there is an alarming number of security flaws in the applications that we use every day, proving that a large focus on cybersecurity, and also on improving the technology skills shortage, is imperative.
Along with the government’s decision to increase spending on cybersecurity, the acknowledgement of their creation of the National Cyber Force shows a real appetite to take action to limit the risks of cyberattacks at the highest level of government. Mature administrations like that in the UK face a huge amount of cyberthreats daily – from the simplest opportunistic spam campaigns to full-fledged impersonation or ransomware attacks.
This year has been a particularly challenging one due to the pandemic: people all over the country have had to move to a completely digital lifestyle and work in the virtual domain, and our valuable civil servants haven’t been any different. This is why we welcome the recent steps to prioritise cybersecurity at a central government level.
To put things in perspective, Mimecast’s latest threat report showed that over the last year, the UK has repeatedly been the target of cyberattacks. Highly vulnerable industries included those that the UK is globally known for: financial services, the legal sector, and healthcare. The level of uncertainty we still face means that any cyber threat actor can launch a large-scale campaign that could propagate widely, and we need to put all the right safeguards in place to avoid it – which is where the new task force comes into play.
By making cybersecurity a national priority, this new National Cyberforce will certainly have a positive impact on the overall cyber hygiene level of citizens and organisations of the UK. I certainly welcome the continued interest and funding of the UK’s cyber-defenses. Long may it continue.
The establishment of a national cyber force and increased funding towards the UK\’s cyber defensive capabilities will help to upgrade the UK\’s defence for the realities of 21st century warfare. National cyber defence has become a priority over the last few years, as we have seen increasing instances of cyber disruption tactics being used in warfare and hostile actions taken between nation states.
The cyber realm is undoubtedly the most important emerging domain of warfare – alongside the traditional ones of land, sea and air, is space – and the rules of engagement between countries are ill defined and are being exploited. This investment is therefore vital to ensure that the UK is prepared to face the threats and attacks that are emerging on the world stage. A new, dedicated National Cyber Force to defend against hostile action in cyber space will increase our cyber resilience as a country and complement the existing efforts of the NCSC and GCHQ to protect UK citizens online.
It is really positive to see the UK government acknowledging cybersecurity as a significant enough concern to continue with these large investments in its cyber activity. As President George Washington said, sometimes offense really is the best form of defence and it is certain that this investment could act as a deterrent to threat actors.
At Mimecast, our latest threat report observed a total number of 163.92 million attacks in the last month, taking the total number of attacks in 2020 past the one billion mark. This is almost certainly a result of the pandemic and many UK organisations working remotely in such a volume for the first time, leaving many of them potentially more vulnerable to cyber-attacks.
This initiative will also have a positive impact on the overall cyber hygiene level of citizens and organisations of the UK, as it further elevates the cybersecurity threat and keeps it at the forefront of the thoughts of the British public. I definitely welcome the continued interest and funding of the UK’s cyber-defences. Long may it continue.