The Government is investing £1.9 billion to protect the UK from cyber-crime as part of its new National Cyber Security Strategy.
The strategy outlines measures to protect the UK from cyber threats and to make it one of the safest places to do business. It will support specialist police units to tackle organised online crime and invest in training cyber security experts.
The strategy divides cyber security into three areas:
Defence
The Government says it wants to review its own cyber defences and examine its departments’ IT security arrangements. It has already had success in reducing the ability of attackers to spoof Government department email addresses.
Deterrence
The Government will invest in cyber-crime law enforcement at both a local and national level. It wants to defend the UK in cyberspace and be able to retaliate against anyone who attempts to harm the country.
Develop
There is a strong emphasis on research, development and education in the strategy. This includes a UK Cyber Security Innovation Centre and a Cyber Innovation Fund to develop new technology. In addition, a Cyber Security Research Institute will be looking at ways to improve the security of smartphones and computers.
National Cyber Security Centre
The strategy also outlines the role of the new National Cyber Security Centre (NCSC) and how it will support organisations tackling cyber-crime.
The NCSC is part of the Government’s Communication Headquarters (GCHQ) and aims to make the UK a safe place to live and do business online. The NCSC plan to use Government departments as guinea pigs to test out its developments before it recommends them nationwide.
Businesses should take responsibility
Big companies find themselves targets of online criminals because of the huge amounts of personal data they handle. But small and medium-sized firms (SMEs) can also be a victim of cyber-crime. Last year, around 16 per cent of SMEs fell victim with the average cost of dealing with each attack over £16,000.
While this strategy seems like good news for UK businesses, it cannot guarantee complete online security. Organisations need to take responsibility for their own online security by putting their own measures in place to protect themselves.
