New strategy funds cyber resilience of UK public services

Business Continuity Management / Disaster Recovery, Critical Infrastructure Security, Cybercrime

Establishment of a government e-coordination center to boost information sharing

Tony Morbin (@tonymorbin) • January 27, 2022

Hackney Town Hall, headquarters of one of the UK local authorities that was hacked (Source: Fin Fahey via Wikipedia)

UK local authorities are to receive £37.8m from the government to build cyber resilience in essential public services and data in areas such as housing benefits, voter registration, election management, school grants and the provision of social care. The move is part of the UK’s first cybersecurity strategy, which was announced on Tuesday as part of a government investment program of more than £2 billion in cybersecurity, the retirement of legacy IT systems and the strengthening of skills and coordination.


Is it sufficient?

While industry players have widely welcomed the move, Andrew Kays, CEO of security firm Socura, told Information Security Media Group: “I wonder if £37.8 million is enough to help local authorities improve cyber resilience, given their current level of resources and threats.” It may turn out to be a drop in the ocean, but at £2 billion the overall investment is a significant sum.

A government e-coordination center is also being created as part of the new strategy. Based in the Cabinet Office, the GCCC is responsible for quickly identifying, investigating and coordinating the government’s response to attacks on public sector systems, and managing how data and cyber intelligence is shared by defenders. Additionally, a new Cross-Government Vulnerability Reporting Service is intended to make it easy for security researchers and members of the public to report any issues with public sector digital services.

The new program will also seek to understand the growing risk from the supply chains of commercially supplied commodity products in government systems.

Vincent Devine, head of government security, said in a statement: “The strategy is centered on two fundamental pillars, the first focused on building a solid foundation of organizational cybersecurity resilience, and the second aimed at enabling government to ‘defend together,’ harnessing the value of sharing data, expertise and capabilities.”

Again, the moves are welcome, but there were caveats regarding resources. Dr Süleyman Özarslan, co-founder of security firm Picus Security, told ISMG that while “defending as one” is a noble goal, “there is no point in improving knowledge sharing if councils are also not able to apply intelligence and take quick, defensive actions. The public sector increasingly needs to change its approach from reactive to proactive.” He says that while improving collaboration and disclosure of vulnerabilities in the sector is important, “we can’t pretend we haven’t seen similar ads before.”

Kays adds that the formation of the GCCC and its “defend as one” approach is likely to improve how information and support is shared between utilities. But he says, “How this is implemented is critical. Cybersecurity relies on rapid action and response to protect services when threatened. Unfortunately, most governments are slow, burdened with bureaucracy and do not excel when it comes to fast information sharing and decision making.”

Özarslan said: “Improving security in the public sector is a difficult problem to solve and becomes more and more difficult as more and more urban centers are increasingly connected and the authorities are confronted with financial pressures. It will take time for the ‘advocate together’ approach to be implemented since collaboration on this scale can be difficult and time consuming to gain buy-in. For it to be successful, all organizations must participate.”

The UK is heavily targeted

In the announcement, UK Cabinet Secretary Steve Barclay, Chancellor of the Duchy of Lancaster, highlighted the upsurge in attacks in recent years, which he said had put Britain third in the list of countries most targeted by hostile states in cyberspace.

Barclay said around 40% of the 777 incidents handled by the National Cybersecurity Center between September 2020 and August 2021 targeted the public sector. For example, in 2020, Redcar, Cleveland and Hackney councils were hit by ransomware attacks affecting council taxes, benefits and housing waiting lists, and Gloucester City Council suffered a cyberattack in 2021.

Transforming Intelligence Sharing

Julian David, Managing Director of techUK, said: “The announcement of the Government Cybersecurity Coordination Center will enable better coordination between government cybersecurity efforts, transforming the way intelligence is shared, consumed and acted upon. Adoption of the Cyber Security Assessment Framework across government, learning lessons from the deployment of the NIS Directive and recognizing the need to adapt it to government heritage, will enable a proactive and proportionate approach to managing cyber risk.”

Unsurprisingly for the head of an industry umbrella group, David went on to highlight how the strategy recognizes the important role industry already plays in protecting government and said “techUK looks forward to engaging with the Cabinet Office to further unite the public and private sectors to ‘defend as one’ – both in terms of the technological capacity and the development of the skills we need to instill cyber resilience across the United Kingdom.”

Wider shots

Last month, the UK’s national cybersecurity strategy was presented. It calls on all parts of society to play their part in strengthening the UK’s economic strengths in cyberspace, through greater workforce diversity, upgrading the cyber sector across all regions of the UK, expanding offensive and defensive cyber capabilities and prioritizing cybersecurity in the workplace, meeting rooms and digital supply chains.