Ministers are not acting with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK’s critical national infrastructure (CNI), a parliamentary committee has warned.
The joint committee on national security strategy said at a time when states such as Russia were expanding their capability to mount disruptive cyber-attacks, the UK’s level of ministerial oversight was “wholly inadequate”.
It urged Theresa May to appoint a cybersecurity minister in cabinet to take charge of the efforts to build national resilience.
The committee, made up of senior MPs and peers, also called on the government to prioritise continued information-sharing and collaboration on cyber-attacks with the EU during the Brexit talks.
Mick Bradley, VP EMEA at Arcserve said that the UK government must be prepared and quick to tackle commercial and state sponsored cybercrime.
“An increased focus on cyber security is a step in the right direction. However, large investments into cyber security do not guarantee protection. Our research has shown that the cost of downtime when cyber-attacks or outages happen is a growing concern, as only one in four (26 percent) IT decision-makers feel extremely confident in their organisation’s ability to recover their data in time to avoid business or customer disruption. More than half (56 percent) of organisations don’t have a recovery plan in place and 70 percent of executives believe that cyber-attacks are a data security issue rather than a recovery one.
Bradley warned that the government must also place more of a focus on reducing, or even eliminating, the impacts that most cyber-attacks cause.
“By directing our efforts towards the ability to circumvent cybercrime, we’re taking a proactive, rather than reactive approach, that ultimately is the difference between data safety and paying a ransom. Most importantly, methods that focus on data availability enable the continuity and security of our national infrastructure against all forms of cyber threats,’ Bradley said.