Policy: Keeping the UK safe in cyber space

Issue

The growth of the internet has transformed our everyday lives and is an important part of our economy. The internet-related market in the UK is now estimated to be worth £82 billion a year while British businesses earn £1 in every £5 from the internet.

But with greater openness, interconnection and dependency comes greater vulnerability. The National Security Strategy categorised cyber attacks as a Tier One threat to our national security, alongside international terrorism. The threat to our national security from cyber attacks is real and growing. Terrorists, rogue states and cyber criminals are among those targeting computer systems in the UK.

93% of large corporations and 87% of small businesses reported a cyber breach in the past year. On average over 33,000 malicious emails are blocked at the Gateway to the Government Secure Intranet (GSI) every month. These are likely to contain - or link to - sophisticated malware. A far greater number of malicious, but less sophisticated emails and spam are blocked each month.

With the cost for a cyber-security breach estimated between £450,000 to £850,000 for large businesses and £35,000 to £65,000 for smaller ones, the government must look at new ways to protect businesses and make the UK more resilient to cyber attacks and crime.

Actions

The Strategic Defence and Security Review allocated £650 million over 4 years to establish a new National Cyber Security Programme to strengthen the UK’s cyber capacity. The Chancellor of the Exchequer announced an extra £210 million investment after the 2013 spending review.

To combat cyber threats, we will work with the Government Communications Headquarters (GCHQ) to identify and analyse cyber attacks to our main networks and services and support the UK’s wider cyber security objectives.

To prevent cyber crime and make the UK a safer place to do business, we:

• set up a National Cyber Crime Unit within the National Crime Agency in 2013, bringing together the Police eCrime Unit and SOCA
• are providing cyber security advice to businesses such as the 10 Steps to Cyber Security Booklet and tailored guidance for small businesses
• have built a Cyber Security Information Sharing Partnership with businesses to allow the government and industry to exchange information on cyber threats in a trusted environment
• have reached agreement with industry on a series of guiding principles for internet service providers, setting out a best practice approach to help inform, educate and protect customers from online threats
• are developing a preferred organisational standard for cyber security, to give industry a clear baseline to aim for in addressing cyber security risks to their companies
• have introduced a single reporting system for people to report financially motivated cyber crime through Action Fraud, the UK’s national 24/7 fraud and internet crime reporting centre - recording incidents of fraud centrally enables intelligence being gathered about crimes to be shared and analysed, resulting in more targeted enforcement action.

We are supporting the growth of the UK cyber security industry by:

• creating a joint ‘Cyber Growth Partnership’ with technology industry representatives techUK (formerly Intellect)
• publishing a Cyber Exports Strategy (pdf) to set out the scope of opportunities and actions
• developing a new Cyber Security Suppliers’ scheme for businesses that supply cyber security products and services to the UK government
• setting a target for future export growth

To make the UK more resilient to cyber attacks, we:

• established CERT-UK on 31 March 2014, a new organisation to improve co-ordination of national cyber incidents and share technical information between countries
• have set up a new Cyber Incident Response scheme in GCHQ to help organisations recover from a cyber security attack
• have extended the role of the Centre for the Protection of National Infrastructure (CPNI) to work with all organisations that may have a role in protecting the UK’s critical systems and intellectual property
• have agreed with regulators in essential services a set of actions to make sure that important data and systems in our critical national infrastructure continue to be safe and resilient

To cultivate a safe, stable and vibrant cyberspace internationally, we:

• work with other countries to identify and manage cyber risks and develop principles to guide the behaviour of governments and others in cyberspace
• hosted the London Conference on Cyberspace in 2011 and have supported hosts in Budapest and Seoul since then to continue the global conversation on the future of the Internet and establishing norms of behaviour in cyberspace

To develop the knowledge, skills and capabilities needed to defend the UK against cyber crime, we are:

• providing cyber security advice for business and the public
• working to improve cyber skills, education and professional opportunities
• challenging the UK public to find ways of defending the government from cyber attacks as part of the Cyber Security Challenge UK competition, sponsored by the National Cyber Security Programme

Background

Our National Security Strategy classed cyber security as 1 of our top priorities alongside international terrorism, international military crises and natural disasters.

We published the UK Cyber Security Strategy on 25 November 2011. It sets out how the UK will support economic prosperity and protect our national security by building a more trusted and resilient digital environment.

Francis Maude, Minister for the Cabinet Office, made a written ministerial statement to Parliament about progress against the objectives of the strategy on 12 December 2013, as he did the previous year. Read the government’s achievements so far and forward plans.

Who we’re working with

The Office of Cyber Security and Information Assurance (OCSIA) coordinates the work carried out under the National Cyber Security Programme and works with government departments and agencies such as the Home Office, Ministry of Defence (MoD), Government Communications Headquarters (GCHQ), the Centre for the Protection of National Infrastructure (CPNI), the Foreign and Commonwealth Office and the Department for Business, Innovation and Skills (BIS) to implement the cyber security programme.

The CPNI is the government authority that provides physical, personnel and information security advice to the national infrastructure. It funds a range of projects to improve the UK’s ability to protect its interests in cyberspace and to address threats from states, criminals and terrorists.

The government is represented in international forums such as the Organisation for Security and Cooperation in Europe, the EU and the World Economic Forum.