The United Kingdom Government has released their plans for the National Cyber Security Strategy 2016 to 2021 approved by the Cabinet. According to the notes this strategy will “sets out how the UK will aim to be one of the most secure places in the world to do business in cyberspace”.
The United Kingdom Takes Cyber Security Very Seriously
The United Kingdom has brought their long term plan (2016 to 2021) about cyber security in their five-year National Strategy.
Some of the important highlights from the plan include the following topics:
Preface to The United Kingdom Cyber Security Strategy
Our primary responsibility is to keep the nation safe and deliver competent government. This strategy reflects these duties. It is a bold and ambitious approach to tackling the many threats our country faces in
cyberspace. Managing and mitigating those threats is a task for us all but the Government recognises its special responsibility to lead the national effort required.
The Government is committed to ensuring the commitments set out in this strategy are carried out and that we accurately monitor and regularly report on progress in meeting them. We will also keep our approach under review and respond to changes in the level of threat we face as well as evolutions in security technologies.
Government also has a special responsibility to the citizen, to companies and organisations operating in the UK,
and to our international allies and partners.
We should be able to assure them that every effort made has been to render our systems safe and to protect our data and our networks from attack or interference.
We must therefore set ourselves the highest standards of cyber security and ensure we adhere to them, both as the cornerstone of the country’s national security and economic wellbeing and also as an example for others to follow. We shall report back on progress made on an annual basis.
As Minister for the Cabinet Office with responsibility for cyber security and government security, I am determined
to see this strategy implemented in full.
I will work closely with colleagues across Government and with partners in the Devolved Administrations, the wider public sector, industry and academia to ensure we achieve that ambition.
The Rt Hon Ben Gummer MP, Minister for the Cabinet Office and Paymaster General
A Brief Summary of The United Kingdom’s Plan For Cyber Security
- The future of the UK’s security and prosperity rests on digital foundations. The challenge of our generation is to build a flourishing digital society that is both resilient to cyber threats, and equipped with the knowledge and capabilities required to maximise opportunities and manage risks.
- We are critically dependent on the Internet. However, it is inherently insecure and there will always be attempts to exploit weaknesses to launch cyber attacks. This threat cannot be eliminated completely, but
the risk can be greatly reduced to a level that allows society to continue to prosper, and benefit from the huge opportunities that digital technology brings.
- The 2011 National Cyber Security Strategy, underpinned by the British Government’s £860m National Cyber
Security Programme, has delivered substantial improvements to UK cyber security. It achieved important outcomes
by looking to the market to drive secure cyber behaviours. But this approach has not achieved the scale and pace of change required to stay ahead of the fast moving threat. We now need to go further.
- Our vision for 2021 is that the UK is secure and resilient to cyber threats, prosperous and confident in the digital world.
- To realise this vision we will work to achieve the following objectives:
* DEFEND – We have the means to defend the UK against evolving cyber threats, to respond effectively to incidents, to ensure UK networks, data and systems are protected and resilient. Citizens,
businesses and the public sector have the knowledge and ability to defend themselves.
- Underpinning these objectives, we will pursue INTERNATIONAL ACTION and exert our influence by investing in partnerships that shape the global evolution of cyberspace in a manner that advances our wider economic and security interests. We will deepen existing links with our closest international partners, recognising
that this enhances our collective security. We will also develop relationships with new partners to build their levels of cyber security and protect UK interests overseas. We will do this both bilaterally and multilaterally,
including through the EU, NATO and the UN. We will deliver clear messages about consequences to adversaries who threaten to harm our interests, or those of our allies, in cyberspace.
- To achieve these outcomes over the next five years, the UK Government intends to intervene more actively and use increased investment, while continuing National Cyber Security Strategy 2016 to support market forces to raise cyber security standards across the UK. The UK Government, in partnership with the Devolved Administrations of Scotland, Wales and Northern Ireland, will work with the private and public sectors to ensure that individuals, businesses and organisations adopt the behaviours required to stay safe on the Internet. We will have measures in
place to intervene (where necessary and within the scope of our powers) to drive improvements that are in the national interest, particularly in relation to the cyber security of our critical national infrastructure.
- The UK Government will draw on its capabilities and those of industry to develop and apply active cyber defence
measures to significantly enhance the levels of cyber security across UK networks. These measures include minimising the most common forms of phishing attacks, filtering known bad IP addresses, and actively blocking malicious online activity. Improvements in basic cyber security will raise the UK’s resilience to the most
commonly deployed cyber threats.
- We have created a National Cyber Security Centre (NCSC) to be the authority on the UK’s cyber security environment, sharing knowledge, addressing systemic vulnerabilties and providing leadership on key national cyber security issues.
- We will ensure that our Armed Forces are resilient and have the strong cyber defences they need to secure and defend their networks and platforms, continuing to operate and retaining global freedom of manoeuvre despite cyber threats. Our military Cyber Security Operations Centre will work closely with the NCSC and we will ensure
that the Armed Forces can assist in the event of a significant national cyber attack.
- We will have the means to respond to cyber attacks in the same way as we respond to any other attack, using
whichever capability is most appropriate, including an offensive cyber capability.
- We will use the authority and influence of the UK Government to invest in programmes to address the shortage of
cyber security skills in the UK, from schools to universities and across the workforce.
- We will launch two new cyber innovation centres to drive the development of cutting-edge cyber products and
dynamic new cyber security companies. We will also allocate a proportion of the £165m Defence and Cyber Innovation
Fund to support innovative procurement in defence and security.
- We will invest a total of £1.9 billion over the next five years to transform significantly the UK’s cyber security.
* DETER – The UK will be a hard target for all forms of aggression in cyberspace.
We detect, understand, investigate and disrupt hostile action taken against us, pursuing and prosecuting offenders.
We have the means to take offensive action in cyberspace, should we choose to do so.
* DEVELOP – We have an innovative, growing cyber security industry, underpinned by worldleading
scientific research and development. We have a self-sustaining pipeline of talent providing the skills to meet our national needs across the public and private sectors. Our cutting-edge analysis and expertise will enable the UK to
meet and overcome future threats and challenges.
For more information you can access the full document from Her Majesty’s Government.