UK Government announces ‘first-ever Cyber Security Strategy
The plans aim to further protect public services the UK public relies on, and will be backed by a £37.8 million investment to help local authorities boost their cyber resilience. This will protect the essential services and data, that the public use including housing benefits, voter registration, electoral management, school grants and the provision of social care.
The new strategy includes a new Government Cyber Coordination Centre, or GCCC, which aims to transform how the government uses cyber security data by facilitating threat and vulnerability management at scale, and fostering partnerships across the public sector and the Union – to rapidly identify, investigate and coordinate responses to incidents. The centre will be based in the Cabinet Office and will ensure the data is rapidly shared, allowing the ‘government to Defend As One.’
It also involves a new cross-government vulnerability reporting service, which will allow security researchers and members of the public to easily report issues they identify with public sector digital services. This will enable organisations to quickly fix any issues identified.
Additionally, a new, more detailed assurance regime for the whole government, which will include a robust assessment of departmental plans and vulnerabilities will begin. This will give the central government a more detailed picture of the government’s cyber health for the first time.
And finally, the government also plans to start a project which aims to reduce government risk through culture change, in partnership with small businesses and academia.
“The government is investing £2.6 billion in cyber over the next three years – significantly more than the £1.9 billion that was committed in the last National Cyber Strategy, with a particular emphasis on improving the government’s own cyber security,” Barclay said in his speech. “This includes over £85 million to tackle the challenges facing councils, helping them build their cyber resilience and protect vital services and data.”
He added: “Our public services are precious and without them, individuals cant access the support that they rely on. If we want people to continue to access their pensions online, social care support from local government or health services we need to step up our cyber defences.”
Government chief security officer, Vincent Devine said: “We need this bold and ambitious strategy to ensure that government’s critical functions are significantly hardened to cyber-attacks.”
“The strategy is centred around two core pillars, the first focusing on building a strong foundation of organisational cyber security resilience; and the second aimed at allowing government to ‘defend as one’, harnessing the value of sharing data, expertise and capabilities.”
Subscribe to our Editor's weekly newsletter