UK urged to up spending on cyber defence
Cyber attacks that target military and civilian operations are one of the biggest threats facing the UK, according to a top military officer, but security experts say cyber defence spending must be carefully considered
The UK needs to keep up with its adversaries, such as Russia, to avoid being exposed to unorthodox, hybrid warfare that combines traditional conflict with cyber warfare, UK defence chief of general staff Nick Carter is expected to warn.
The UK’s ability to pre-empt or respond to threats will be eroded if the country does not keep up with its adversaries in terms of defence spending, Carter is set to say in a speech in London in the wake of claims by military chiefs and Conservative MPs that the UK’s defence spending has dropped to dangerously low levels, reports The Guardian.
In February 2017, MPs called on the Cabinet Office to clarify its role in protecting data within central government and to improve co-ordination of cyber defence efforts across the public sector, while the defence secretary expressed concern over Russian cyber activity.
The Ministry of Defence is now calling for an increase in defence spending and, in light of the fact that Russia, North Korea, Iran and China have been blamed for cyber attacks on the US and Europe in recent months, Carter is set to warn that hostile states are being more creative in how they exploit the seams between peace and war.
“We must take notice of what is going on around us or our ability to take action will be massively constrained,” Carter is expected say. “We have seen how cyber warfare can be waged both on the battlefield and to disrupt normal people’s lives. We in the UK are not immune from that.”
Read more about security analytics
- Firms look to security analytics to keep pace with cyber threats.
- Human-machine teaming key to cyber defence, says Intel Security.
- Dan Sullivan compares the top-rated big data security analytics tools to help you select the right one for your organisation.
- Analytics must form part of a comprehensive defence-in-depth strategy, according to software firm Fico’s CISO, Vickie Miller.
While many cyber security commentators agree there is a need for greater resources for the UK’s cyber defences, some caution against indiscriminate spending.
“The problem is more than just a need for more money and personnel to address the issue,” said Piers Wilson, head of product management at Huntsman Security.
“Every day the UK is assailed by thousands of cyber threats, from cyber espionage aimed at the government itself to attacks on critical infrastructure, industries, intellectual property and personal information.
“Put simply, our defences could spend every penny available on people and tools and it still wouldn’t be enough to keep us secure. After all, we are still in the midst of a crippling security skills shortage that is expected to result in over 1.5 million open jobs by 2020.”
Read more about cyber war
- UK government must improve cyber defence efforts, say MPs.
- Terror groups are more likely than nation states to unleash cyber weapons and critical infrastructure is the most likely target, warns Kaspersky Lab chief.
- Veteran investigative reporter Ted Koppel says a cyber attack on the US power grid is likely, but preparations for such an event are not up to scratch.
- There is a lot of “fog” surrounding cyber weapons and cyber war because there is no way of knowing the true capability of any country, says security expert Mikko Hypponen.
According to Wilson, the UK government must make sure that spending is directed intelligently on the right technologies and techniques to solve the problem.
“In particular, automated systems that are able to assess and rank various threats, allowing analysts to focus on the most pressing ones, are going to be essential,” he said.
Wilson believes that intelligent automation, using AI (artificial intelligence) and analytics, can help defence analysts avoid running down endless rabbit holes and be smarter about defending all areas of the nation from attack.
“Cyber defence isn’t just a matter of deploying people where they are needed, but giving them the right tools and technology to do the job – and this carries over into the commercial world too,” he said.