Commenting on the Written Ministerial Statement from Francis Maude, Minister for the Cabinet Office, relating to the UK Cyber Security Strategy, Martin Sutherland, Managing Director of BAE Systems Detica said:
“We’ve reached an interesting juncture in terms of the development of the UK’s Cyber Security Strategy. The Strategy is in implementation phase right now and could arguably be more unified in terms of ownership of countering the threat. However, what is most important is that we maintain impetus and forward momentum. Cyber space is still a dangerous place where the threat is evolving and asymmetric and attackers are still able to act with enormously more agility than defenders.
“When we look back in five years’ time we will see that the government’s strategy has provided a catalyst for a series of innovative and useful activities, particularly around how industry can respond to and protect itself from cyber incidents – most notably the recent Cyber Incident Response Scheme announced by GCHQ. Nonetheless, there is still a long way to go before we can say that we are successfully countering cyber threats.”
Commenting specifically on the proposed establishment of a UK National CERT (Computer Emergency Response Team), Martin Sutherland added:
“One of the most significant elements of today’s announcement is the move towards the establishment of a UK National CERT (Computer Emergency Response Team). Implemented well, a CERT would be a welcome addition to the defence of cyber space by providing a conduit for knowledge and a concentration of technical expertise and information. It will also help with international co-operation as it will provide a clear point of contact for other nations.
“To succeed, the CERT will need to be able to prioritise incidents at scale; this will require understanding of national cyber risks and use of technology and support from industry to keep pace with the attackers. In time the team should be able to reach out to sectors such as general manufacturing not normally covered by CPNI or CESG.”