Cyber security is not a necessary evil, it is both an essential feature of - and a massive opportunity for - the UK’s economic recovery, says Francis Maude, Cabinet Office minister.
“The financial institutions that emerge from the ‘great recession’ have to be stronger, safer, more secure and more alert to the risks than they were before,” he said at the official launch of CERT-UK in London.
He said the internet is inherently a good thing. “It brings people closer together and for the most part it is a huge upside – we must never lose sight of that.
“And the work that is done by people involved with cyber security is ultimately all about making the internet a safe place so we can all share in the benefits,” he said.
The official launch of the first national computer emergency response team CERT-UK comes after several delays and some months into the fledgling organisation’s initial operations.
A key element of government’s cyber security strategy, CERT-UK was initially set for launch by the end of 2013, but later rescheduled for 2014.
Chris Gibson was confirmed as CERT-UK director in November 2013 when he began overseeing final preparations and guiding initial steps to bring all of the UK’s cyber security stakeholders together.
“CERT-UK is going to play an incredibly important role in ensuring that we have that firm, resilient, foundation underpinning our economy. It is crucial,” said Maude.
He said the publication of the National Cyber Security Strategy two years ago marked a “ratcheting up” of the seriousness with which the government takes cyber security.
“At a time when budgets across government have been cut, we put more money into cyber security - £860m to be precise,” he said.
More on national CERTs
- US-Cert warns of widespread SQL injection attacks
- US-CERT: hackers are attacking flaw in Microsoft Access
- US-CERT warns of Adobe Shockwave Player threat
- US-CERT warns of new Samsung, Dell printer threat
In December 2012, the government announced of plans for a CERT-UK based on lessons from the 2012 London Olympics that were fed into the UK Cyber Security National Incident Management policy.
During the Olympics, Maude said the UK worked closely with international partnerships to defend core networks against a range of threats.
“We saw a number of government CERTs galvanise their capabilities to meet the challenges associated with this unique event," he said.
“We’d had measures in place to deal with threats to essential services for some time, but what the Olympics taught us was the need for better coordination."
CERT-UK was designed based on the feedback of more than 100 organisations and individuals across government, law enforcement, industry and academia.
Maude took the opportunity to announce that NOMINET has launched Cyber Assist, the first cyber security service designed specifically for UK small businesses.
“But as important as it is that we build our own national resilience in the UK, cyber security is, at heart, an international issue," he said.
“The cyber domain knows no borders and cyber security is an issue that no one country can afford to ignore or address alone."
In conclusion, Maude said that two years since publishing the Strategy for National Cyber Security, the UK government has delivered both a Cyber Security Information Sharing Partnership and a CERT.
“I think CERT shows our intent on where we want to go: ever closer coordination between government, business and academia to share insights and share advice; better cooperation with our international partners," he said.
“And that job will never be done – it will always be a work in progress. But, from today, CERT-UK means we can go forward with a new tool in our armoury: better prepared, better informed, better connected and ultimately more resilient."