The Daily Swig Web security digest

UK gov’t launches interim cybersecurity strategy

James Walker | 05 December 2017 at 13:22

Manifesto will be used to guide the country’s response to technological change.

In response to a rapidly changing scientific and technological landscape, the UK government has published its interim cybersecurity strategy, which aims at future-proofing the country against the next generation of digital threats.

The Interim Cybersecurity Science & Technology Strategy report defines how the government will identify the technology areas that will have the most impact on cybersecurity, while acting as a framework for the development of future policies and threat assessments.

“To remain effective, cybersecurity policy needs to be driven by science and technology horizon scanning,” the Cabinet Office said.

“To guide the UK government’s response to this technological change, the interim strategy identifies the technological developments most likely to affect the cybersecurity of the country and services industry the public rely on.”

Drivers for these technology trends include the decreasing costs of processing power, memory and storage; the use of cloud and flexible computing power; the proliferation of devices with sensors; and the convergence of enterprise systems with operational technology such as industrial control systems.

“The devices we carry, wearable technology and the connectivity of the things with which we interact will generate a vast amount of data,” the report states. “The security of this data must be ensured so that it cannot be accessed illegitimately.

“Moreover, there can be consequences in the physical world if these technologies are maliciously exploited. The operational technology embedded in our critical national infrastructure, for example, means that energy networks could be affected.”

When it comes to policy, the government said it was committed to creating a “growing, innovative, and thriving” cybersecurity sector, as it looks to reduce the impact of large-scale attacks, such as this year’s global WannaCry ransomware epidemic.

The Cabinet Office pulled focus on the opportunities and risks presented by connected medical devices, connected and autonomous vehicles, and smart cities – all of which will drive future policy creation.

“The National Cyber Security Strategy recognized that the UK government needed to mainstream the use of horizon scanning to inform cyber security policy making,” the report states.

“In its role as the UK government’s national technical authority for cybersecurity, the National Cyber Security Center (NCSC) will be responsible for identifying significant science and technology developments with implications for all of the UK’s cybersecurity.”