2 minute read
INTRODUCTION
2. INTRODUCTION
2.1. Information and communication technologies have evolved over the last two decades and are now integrated into virtually every aspect of our lives. The UK is a digitalised society. Our economy and our daily lives are the richer for it.
Advertisement
2.2. The transformation brought about by this digitalisation creates new dependencies. Our economy, the administration of government and the provision of essential services now rely on the integrity of cyberspace and on the infrastructure, systems and data which underpin it. A loss of trust in that integrity would jeopardise the benefits of this technological revolution.
2.3. Much of the hardware and software originally developed to facilitate this interconnected digital environment has prioritised efficiency, cost and the convenience of the user, but has not always had security designed in from the start. Malicious actors – hostile states, criminal or terrorist organisations and individuals – can exploit the gap between convenience and security. Narrowing that gap is a national priority.
2.4. The expansion of the Internet beyond computers and mobile phones into other cyber-physical or ‘smart’ systems is extending the threat of remote exploitation to a whole host of new technologies. Systems and technologies that underpin our daily lives – such as power grids, air traffic control systems, satellites, medical technologies, industrial plants and traffic lights – are connected to the Internet and, therefore, potentially vulnerable to interference.
2.5. The 2015 National Security Strategy (NSS) reaffirmed the cyber threat as a Tier One risk to UK interests. The NSS set out the Government’s determination to address cyber threats and “put in place tough and innovative measures, as a world leader in cyber security”. This National Cyber Security Strategy delivers on that commitment.
2.6. In preparing this new strategy, the Government is building on the achievements, objectives and judgements of the first five-year National Cyber Security Strategy issued in 2011. The Government invested £860m over that period, and is proud of what has been achieved. The policies, institutions and initiatives developed over the last five years have helped to establish the UK as a leading global player in cyber security.
2.7. These are sound foundations. But the persistence and ingenuity of those who would threaten us, the prevalence of our vulnerabilities and gaps in our capabilities and defences mean we need to work even harder to keep pace with the threat. A comprehensive approach is required if we are to effectively secure our cyber interests. Our resolution to make further investment and interventions is based on the following assessments:
• the scale and dynamic nature of cyber threats, and our vulnerability and dependency, mean that maintaining the current approach will not in itself be sufficient to keep us safe; • a market based approach to the promotion of cyber hygiene has not produced the required pace and scale of change; therefore, Government has to lead the way and intervene more directly by bringing its influence and resources to bear to address cyber threats; • the Government alone cannot provide for all aspects of the nation’s cyber security. An embedded and sustainable approach is needed
