lolloj - Fotolia

UK defence review criticised for being too light on cyber

Compared with the annual defence budget of almost £40bn, the allocation for cyber defence is extremely small, say commentators

Technology association techUK has welcomed the clear focus on information technologies of the government’s Strategic defence and security review (SDSR), but others have criticised it for not putting enough into cyber defences.

The SDSR details how the UK will prepare and respond to a range of national security threats, and cyber was featured fairly prominently by prime minister David Cameron when he unveiled the SDSR in parliament and announced a £178bn investment in defence equipment and support over the next decade.

Planned initiatives include creating two “strike brigades” by 2025 to be rapidly deployable, able to self-deploy across thousands of kilometres and with a much lower logistic footprint.

Cameron said that from the crisis in Ukraine to the risks of cyber attacks and pandemics, the world is more dangerous and uncertain today than it was five years ago.

In further reference to cyber attacks aimed at undermining the information security, he said that at the heart of the SDSR is an understanding that the UK cannot choose between conventional defences against state-based threats and the need to counter threats that do not recognise national borders.

“We face both types of threat and we must respond to both types of threat. Over the course of this parliament our priorities are to deter state-based threats, tackle terrorism, remain a world leader in cyber security and ensure we have the capability to respond rapidly to crises as they emerge,” said Cameron.

Turning to counter-terrorism, Cameron said the government will make a major additional investment in the UK’s intelligence agencies to ensure they have the resources and information they need to detect and foil plots from wherever they emanate in the world.

“We will also do more to ensure the powers we give our security services keep pace with modern technology,” he said.

Cameron said the recently published draft investigatory powers bill was aimed at ensuring that GCHQ, MI5 and the UK’s counter terrorism police continue to have the powers they need.

“History teaches us that no government can predict the future. We have no way of knowing precisely what events will take place over the next five years. We must expect the unexpected,” said Cameron.

“But we can make sure we have the versatility and the means to respond to risks and threats to our security as they arise.”

James Murphy, techUK associate director for defence and security, praised the latest SDSR for its focus on cyber, but others have said it does not go far enough.

Despite Cameron’s emphasis on cyber as a new “domain” of warfare alongside land, sea, air and space, former Royal Navy officer Lewis Page points out that only a small cyber-ops group in the new joint command has appeared.

“Compared with the annual defence budget of almost £40bn; a few billions spent on cyber – spread over several years – is peanuts,” said Page in an article for the Telegraph.

According to Page, the allocation of funds in the SDSR reveals that the UK government remains determined to crush the adversaries of today on the physical rather than digital battlefield.

However, Page said that while that is not as forward thinking as it could be, it does represent a marked improvement.

“It is often said that Britain’s military is set up to fight the battles of yesterday, tomorrow. Now we will fight the battle of today, tomorrow,” he wrote.

Read more on Hackers and cybercrime prevention