MPs and peers to investigate scale of cyber security threat to UK
The Joint Committee on National Cyber Security Strategy has launched an inquiry to assess how prepared the government is for cyber attacks and how it can build resilience.
The inquiry will look at how the UK's cyber security measures up in a digital world - Photo credit: Pixabay
The UK National Security in a Digital World inquiry will look at the types and sources of cyber threats in faced by the UK and whether the UK has committed sufficient human, financial and technical resources to dealing with these threats.
Committee chairwoman Margaret Beckett said that although the "digital revolution has opened up a whole host of opportunities, it has also created new vulnerabilities" and that the national security implications are a matter of "increasing concern".
Among the questions the committee's inquiry will ask is whether the latest cyber security strategy, which was published in November and focuses on defence, deterrence and innovation, is fit for purpose, and if the government has learnt the right lessons from the previous strategy.
The strategy, to be funded with £1.9m between 2016-10, sets out three main lines of work: strengthening the UK’s defences in both the private and public sectors; deterring attacks with strong policies on cyber crime that are actively enforced; and developing the nation’s capabilities s it can keep pace with new threats.
“Active cyber defence”: UK’s first National Cyber Security Centre chief sets out strategy
Labour MP says Brexit could mean ‘exit for tech’ when it comes to data
Whitepaper: Transforming public sector productivity
The joint committee has asked for submissions that consider the effectiveness and coherence of the strategic lead provided by the National Security Council, departments, agencies, and the National Cyber Security Centre, which was officially opened last summer.
It also asks how the government can work with the private sector to build up cyber skills, and how it can work with allies and partners to develop capabilities, set standards and share intelligence.
Other areas of work will look at the government’s relationship with the private sector on cyber security, including on the balance of responsibilities for protecting national infrastructure and the right level of regulation and legislation for companies.
In December, the government published its Cyber Security Regulation and Incentives Review, which looked at regulation for companies and found a “strong justification” to secure personal data through regulation.
However, it said this would only be done through the implementation of the European Union General Data Protection Regulation, which comes into force in 2018, adding that the government “will not seek to pursue further general cyber security regulation for the wider economy over and above the GDPR”.
The deadline for submissions is 20 February.
The Scottish government will implement a “tough” assurance process for digital projects, mandate the use of common technologies and offer training to make sure civil servants “get digital”.
Survey shows lack of preparedness as data protection watchdog slaps £60,000 fine on Norfolk County Council
Councils should be in the “driving seat” of technological change, but need to rethink the role they play in their locality and invest in long-term planning, a report has said.
Public sector organisations have been told they still have to meet the common Public Sector Network assurance standards while work is carried out to move away from the network.