The UK is unprepared to tackle devastating cyber-attacks
The UK’s approach to cybersecurity is “wholly inadequate” and unprepared to stop a devastating cyber-attack on our critical national infrastructure, MPs have warned.
According to the joint committee on national security strategy, ministers are failing to act with “a meaningful sense of purpose or urgency” in a time where Russia is expanding its capabilities. The committee urged Theresa May to appoint a cybersecurity minister to take charge in the building of a national defence.
The committee, comprised of senior MPs and peers, also wanted to keep up information sharing and collaboration on cyber-attacks with the EU during Brexit negotiations.
This isn’t the first time that the government has been warned of its unpreparedness to tackle a potential cyber-attack. In October, the National Cyber Security Centre (NCSC) boss Ciaran Martin outlined how the national body was concerned about the UK’s safety as a catastrophic attack was “inevitable”.
The same warning was issued back in September of last year too, with the NCSC’s technical director Ian Levy saying that he was “reasonably confident” a major attack would hit the UK soon. “Sometime in the next few years, we’re going to have our first – what we would call – category-one cyber-incident; one that will need a national response,” he explained.
Despite these warnings, the UK government has made little progress in actually addressing, what could really be, an incredibly serious security threat to the UK.
“While we applaud the aspiration, it appears the government is not delivering on it with a meaningful sense of purpose or urgency,” the parliamentary committee explained. “Identifiable political leadership is lacking. There is little evidence to suggest a ‘controlling mind’ at the centre of government, driving change consistently across the many departments and CNI sectors involved.
“We are concerned that the current complex arrangements for ministerial responsibility mean that day-to-day oversight of cross-government efforts is, in reality, led by officials, with ministers only occasionally ‘checking in’.
“This is wholly inadequate to the scale of the task facing the government, and inappropriate in view of the government’s own assessment that major cyber-attacks are a top-tier national security threat.”
The committee also issued praise to Martin and his team at the NCSC but explained that expectations of what it’s capable of were “outstripping the resources put at its disposal”, essentially setting it up for failure without adequate support.
Committee chair, and former foreign secretary Margaret Beckett expressed her concerns as part of the pledge to government, saying “we are struck by the absence of political leadership at the centre of government in responding to this top-tier national security threat.
“Too often in our past, the UK has been ill-prepared to deal with emerging risks. The government should be open about our vulnerability and rally support for measures which match the gravity of the threat to our critical national infrastructure.”