Expert Comment On UK Government’s Cyber Investment

The UK government has announced an extra £16.5bn in defence spending which is biggest investment since cold war. A lot of this money is set to be invested in cyber-forces, with the creation of a National Cyber Force, which is a partnership between the military and the spy agency GCHQ.

Subscribe
Notify of
guest

4 Expert Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Paul Farrington
Paul Farrington , Chief Product Officer
InfoSec Expert
November 23, 2020 4:04 pm

The notable increase in UK military investment, particularly in cyber defense and automation, is a positive milestone in the government’s growing commitment to addressing new and emerging threats. Given the current technology skills shortage, especially in security – only five undergraduate computer science degrees are certified by the UK’s NCSC for cybersecurity content – it’s clear more needs to be done to prepare for and mitigate the impact of cybersecurity attacks. Both users and the creators of software will benefit from the investment, which could stimulate the economy through the creation of 40,000 new jobs.

There’s no shortage of security flaws to be fixed in the applications we use every day. We know from our Veracode State of Software Security research, for example, that 76% of apps have at least one security flaw. It is therefore essential that application security is closely considered as part of this investment, ensuring people are equipped with the skills, tools, and technology to create software that is robust from the outset.

To transform itself, the British military could follow the same way as its European peers as military organisations such as the German Army (Bundeswehr) are relying on open-source software. Using open-source and proprietary software carries both risks and benefits. Application security pioneer Veracode’s recent SoSS report has shown, there is an alarming number of security flaws in the applications that we use every day, proving that a large focus on cybersecurity, and also on improving the technology skills shortage, is imperative.

Last edited 1 year ago by Paul Farrington
Francis Gaffney
Francis Gaffney , Director of Threat Intelligence
InfoSec Expert
November 23, 2020 3:59 pm

Along with the government’s decision to increase spending on cybersecurity, the acknowledgement of their creation of the National Cyber Force shows a real appetite to take action to limit the risks of cyberattacks at the highest level of government. Mature administrations like that in the UK face a huge amount of cyberthreats daily – from the simplest opportunistic spam campaigns to full-fledged impersonation or ransomware attacks.

This year has been a particularly challenging one due to the pandemic: people all over the country have had to move to a completely digital lifestyle and work in the virtual domain, and our valuable civil servants haven’t been any different. This is why we welcome the recent steps to prioritise cybersecurity at a central government level.

To put things in perspective, Mimecast’s latest threat report showed that over the last year, the UK has repeatedly been the target of cyberattacks. Highly vulnerable industries included those that the UK is globally known for: financial services, the legal sector, and healthcare. The level of uncertainty we still face means that any cyber threat actor can launch a large-scale campaign that could propagate widely, and we need to put all the right safeguards in place to avoid it – which is where the new task force comes into play.

By making cybersecurity a national priority, this new National Cyberforce will certainly have a positive impact on the overall cyber hygiene level of citizens and organisations of the UK. I certainly welcome the continued interest and funding of the UK’s cyber-defenses. Long may it continue.

Last edited 1 year ago by Francis Gaffney
Russell Haworth
InfoSec Expert
November 19, 2020 1:31 pm

The establishment of a national cyber force and increased funding towards the UK\’s cyber defensive capabilities will help to upgrade the UK\’s defence for the realities of 21st century warfare. National cyber defence has become a priority over the last few years, as we have seen increasing instances of cyber disruption tactics being used in warfare and hostile actions taken between nation states.

The cyber realm is undoubtedly the most important emerging domain of warfare – alongside the traditional ones of land, sea and air, is space – and the rules of engagement between countries are ill defined and are being exploited. This investment is therefore vital to ensure that the UK is prepared to face the threats and attacks that are emerging on the world stage. A new, dedicated National Cyber Force to defend against hostile action in cyber space will increase our cyber resilience as a country and complement the existing efforts of the NCSC and GCHQ to protect UK citizens online.

Last edited 1 year ago by Russell Haworth
Francis Gaffney
Francis Gaffney , Director of Threat Intelligence
InfoSec Expert
November 19, 2020 11:10 am

It is really positive to see the UK government acknowledging cybersecurity as a significant enough concern to continue with these large investments in its cyber activity. As President George Washington said, sometimes offense really is the best form of defence and it is certain that this investment could act as a deterrent to threat actors.

At Mimecast, our latest threat report observed a total number of 163.92 million attacks in the last month, taking the total number of attacks in 2020 past the one billion mark. This is almost certainly a result of the pandemic and many UK organisations working remotely in such a volume for the first time, leaving many of them potentially more vulnerable to cyber-attacks.

This initiative will also have a positive impact on the overall cyber hygiene level of citizens and organisations of the UK, as it further elevates the cybersecurity threat and keeps it at the forefront of the thoughts of the British public. I definitely welcome the continued interest and funding of the UK’s cyber-defences. Long may it continue.

Last edited 1 year ago by Francis Gaffney
Information Security Buzz
4
0
Would love your thoughts, please comment.x
()
x