Well, they did say it was a priority in 2010.
The UK parliament launched an inquiry into cyber-security on Tuesday.
The investigation by MPs and peers follows weeks after the UK government committed to spending £1.9bn between 2016 and 2021 as part of an update to the UK’s National Cyber Security Strategy.
Protecting critical national infrastructure organisations (utilities, transport, banking etc) has been recognised as a priority by successive UK governments since the 2010 defence review, if not earlier. Government commitment to the issue was underlined by the launch of the National Cyber Security Centre, which will co-ordinate response to security threats and develop best practice guidelines.
Contentious allegations that state-sponsored Russian hackers were behind a hack on the US Democratic Party during last year’s US presidential election has added another dimension to an already pressing problem of how to defend the UK against hacking attacks. The Parliamentary Joint Committee on the National Security Strategy is running the inquiry. Its findings are likely to be influential but not binding on ministers, if historical precedent is any guide.
The chair of the Joint Committee on the National Security Strategy, Margaret Beckett MP, commented: “Attention has recently focused on the potential exploitation of the cyber domain by other states and associated actors for political purposes, but this is just one source of threat that the Government must address through its recently launched five-year strategy.”
The Committee is inviting written submissions that address various elements of government cyber-security strategy, including overall objectives, working with the private sector and bridging the skills gap, among other topics. The development of “offensive cyber capabilities and the norms governing their use” are also on the agenda for discussion. Sessions where invited speakers are quizzed are likely to follow on from the written submissions but there’s no timetable on that – much less when a final report will be published – as yet. ®