Sergey Nivens - Fotolia
Public trust in digital services and the ability of the digital economy to continue to thrive in the UK could be at risk without a step-change in cyber security, supported by action from government, business and researchers, the report said.
This will require an ambitious programme of research and innovation to generate new security approaches and products, the report said, as well as establishing clear standards and kitemarks to help users identify trustworthy digital products and services.
The report, Progress and research in cyber security, also calls for a review of the oversight structures for cyber security in the UK and government commitment to preserving the robustness of encryption and promoting its use.
“Digital systems are increasingly integrated into our lives and digital industries in the UK grew 32% faster than the rest of our economy between 2010 and 2014,” said John McCanny, co-chair of The Royal Society working group that produced the report. “But with technology developing at a spectacular pace, the security that protects us and our data is at times struggling to keep up.
“We need to maintain public trust in the systems we rely on. That means organisations need to invest more in cyber security, as well as demonstrate how secure they are to earn the trust of users.”
Andy Hopper, the other co-chair, said that as society entrusts more personal information to digital systems, the balance is shifting between personal security and national security.
“Although ‘backdoors’ into devices and systems can help security services, they also increase the opportunities for criminals to break in,” he said. “As the stakes for individuals get higher, they may be less likely to accept this trade-off.”
For this reason, Hopper said society may want oversight of cyber security to be in the hands of more open and transparent public bodies.
“The government is already taking welcome steps towards greater openness, but the UK should consider whether it should go further in the future,” he said.
Read more about cyber security
- Government has announced a £250,000 programme to increase the rate of cyber security startup development in the UK.
- The UK’s National Cyber Security Centre (NCSC) is to be the UK’s one-stop authority on infosec, based in London and led by GCHQ’s Ciaran Martin
- An essential part of information security is identifying and managing the risks, experts tell the European Information Security Summit 2016.
- Chancellor George Osborne promises a £1.9bn investment in cyber security over the next five years and to “aggressively defend” public services from cyber attacks.
The Royal Society report examines four areas – trust, resilience, research and translation – and recognises the UK’s strengths in cyber security.
Although it recognises good progress in the UK in addressing many of the issues, it calls for constant improvement.
Other recommendations include greater sharing of information relating to security breaches and threats, more support for research and international collaboration, and support for universities and businesses to apply the UK’s technical expertise to deliver a step-change in cyber security research and knowledge.
The Royal Society is a self-governing fellowship of the world’s scientists drawn from all areas of science, engineering and medicine.
Its fundamental purpose is to recognise, promote and support excellence in science and to encourage the development and use of science for the benefit of humanity.