Time for the UK to act on cybercrime

Until now, the coalition government, and the Labour government before it, has merely paid lip-service to the threat posed by serious cybercrime.

Until now, the coalition government, and the Labour government before it, has merely paid lip-service to the threat posed by serious cybercrime. It has effectively ignored calls from industry bodies, the media and security experts to make the investment that this serious threat to national security and UK economic growth warrants.

NCC Group has been saying for a number of years that the battle against cybercrime is a never ending arms race, with hackers - whether they are hostile government agents, those involved in organised crime or opportunistic teenagers in their bedrooms - becoming increasingly sophisticated in their methods and more radical in their targets.

Now that Iain Lobban, head of GCHQ and the leading authority on threats to national security, has stressed the scale of this menace and the frequency of cyberattacks on the UK, surely the government will wake up and smell the coffee?

While for security experts there has never been any doubt of the threats posed by cybercriminals, for the general public this is the most authoritative call yet.

At present, the UK is losing the battle for security. We will only fall further behind unless the government makes a large investment in safeguarding our national information infrastructure and introduces even stricter guidelines surrounding corporate information security.

No one doubts that the Strategic Defence and Security Review and the Comprehensive Spending Review are vital for the long-term welfare of the UK, but to use a military expression, a whole new front has now opened up.

It's not a new front; actually it's a new war that has started. Rather than manage cybercrime security and the threat to national security as some sort of overspent legacy, it needs to be actively invested in now, not cut or sidelined.

Lobban's comments on the impact of an attack on the wider economy, and the effects cybercrime could have on frontline government services and utilities, must not be underestimated. A large-scale attack could significantly damage the economic recovery, not to mention cost the taxpayer millions.

In order to minimise this threat, the government must work with security experts from across the country and, if necessary, the world, to produce a watertight, considered strategy to fight international cybercrime. While much of this protection can be achieved by patching simple vulnerabilities in existing networks and software - which should already be watertight - other threats will require specialist defence strategies and responsive action.

The time has come for the UK to face up to this and join the arms race, before we become powerless to assure national information security.

Rob Cotton is chief executive of NCC Group, the UK's largest information assurance company

Read more on IT risk management