{"id":23817,"date":"2015-12-08T11:00:57","date_gmt":"2015-12-08T00:00:57","guid":{"rendered":"http:\/\/www.aspistrategist.ru\/?p=23817"},"modified":"2015-12-07T16:52:59","modified_gmt":"2015-12-07T05:52:59","slug":"learning-lessons-from-the-uks-confident-approach-to-cyber","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/","title":{"rendered":"Learning lessons from the UK\u2019s confident approach to cyber"},"content":{"rendered":"<p style=\"text-align: center;\"><a href=\"http:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-23819 size-full\" title=\"An aerial image of the Government Communications Headquarters (GCHQ) in Cheltenham, Gloucestershire.\" src=\"http:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg\" alt=\"An aerial image of the Government Communications Headquarters (GCHQ) in Cheltenham, Gloucestershire.\" width=\"650\" height=\"458\" srcset=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg 650w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332-205x144.jpg 205w\" sizes=\"(max-width: 650px) 100vw, 650px\" \/><\/a><\/p>\n<p>The launch of the <a href=\"https:\/\/www.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/478933\/52309_Cm_9161_NSS_SD_Review_web_only.pdf\" target=\"_blank\">2015 SDSR<\/a> provided evidence that UK Defence and Security agencies are being re-invigorated after a period of extensive cuts. Over the next ten years \u00a3178 billion will be spent on a <a href=\"http:\/\/www.telegraph.co.uk\/finance\/newsbysector\/industry\/defence\/12012746\/Boeing-the-big-winner-out-of-UK-defence-review.html\" target=\"_blank\">range of military platforms<\/a>. While this won\u2019t elevate the UK to the peak of global military powers, it will reassure allied partners that it\u2019s a reliable security partner.<\/p>\n<p>Large quantities of money are often associated with \u2018big ticket\u2019 military hardware, yet the UK has spent comparable sums on its cyber capabilities. At the launch of the <a href=\"https:\/\/www.gov.uk\/government\/uploads\/system\/uploads\/attachment_data\/file\/62482\/strategic-defence-security-review.pdf\" target=\"_blank\">2010 SDSR<\/a>, the sting of looming cuts were softened by the announcement that the Government would invest \u00a3500 million in cyber security. In the intervening period, that\u2019s risen to an \u00a3860 million investment in a growing area of national security concern and potential advantage.<\/p>\n<p>The 2015 SDSR announced that spending on cyber security will grow again with a commitment to invest a further \u00a31.9 billion (A$S3.9 billion) over the next five years. When that sum is added to the core spending on cyber security capabilities to protect UK networks, the total spend amounts to more than \u00a33.2 billion (A$6.5 billion).<\/p>\n<p>The clear and concise wording of the document is just as significant as the money attached to it. The 2015 SDSR weaves together a clear articulation of the UK\u2019s strategic goals in cyber along with a comprehensive narrative about the importance of cyber security to national and economic security, and introduces measures to enhance capability and skills in both areas. It commits the UK to remaining a world leader in cyber security to protect critical networks, to maintain high levels of confidence in its ability to protect business from cyber threats, to bolstering the digital economy to help it reap the economic rewards of high value cyber security technology and skills.<\/p>\n<p>The lead component of the cyber section of the SDSR is the newly formed National Cyber Centre established under GCHQ\u2019s leadership. This centre will have charge over operational responses to cyber incidents. Not only will it have an operational lead but it will also act as a focal point for companies seeking advice on cyber issues, simplifying previous arrangements.<\/p>\n<p>There are three areas worthy of specific comment. First, the UK has worked hard over the past 10 years to mature the Government\u2019s relationship with the private sector on cyber.. There\u2019s a clear commitment to \u2018share knowledge with British industry and with allies\u2019, \u2018help companies and the public do more to protect their own data\u2019, and \u2018simplifying private sector access to government cyber security advice\u2019. That\u2019s evidenced most strongly in the promise to develop a \u2018series of measures to actively defend\u2026against cyber attacks\u2019, alluding to active defence tactics which aim to disrupt attackers prior to, or while they\u2019re attacking a network. The SDSR states that those capabilities will be \u2018developed and operated by the private sector\u2019, which is a leap forward in coordination between the UK\u2019s public and private sectors.<\/p>\n<p>Despite efforts to build stronger relationships with the private sector on cyber, Australia is some way off being able to make these kinds of statements. There\u2019s a continuing journey that needs to be undertaken in order to reach the same level of maturity that the UK has achieved.<\/p>\n<p>Second, the SDSR details a significant investment in creating highly qualified and skilled personnel, including \u00a320 million to open an Institute of Coding to fill the current gap in higher education. A \u00a3165 million Defence and Cyber Innovation Fund was also announced to support innovative procurement across government, alongside two new cyber \u2018start-up\u2019 centres where new companies can incubate their tech in the early stages of development.<\/p>\n<p>Finally, one of the most striking aspects of the plan was the emphasis placed on developing offensive cyber capability. The UK has firmly stated that it has this capability and will use it as a tool of national power and to respond to security threats. <a href=\"https:\/\/www.gov.uk\/government\/speeches\/chancellors-speech-to-gchq-on-cyber-security\" target=\"_blank\">George Osborne used strong words<\/a> to underscore this part of the plan:<\/p>\n<blockquote><p>\u2018Part of establishing deterrence will be making ourselves a difficult target\u2026We need to destroy the idea that there is impunity in cyberspace\u2026We are building our own offensive cyber capability\u2014a dedicated ability to counter-attack in cyberspace.\u2019<\/p><\/blockquote>\n<p><a href=\"http:\/\/www.comw.org\/qdr\/fulltext\/1002QDR2010.pdf\" target=\"_blank\">Following on from the US admission in 2010<\/a>, this further illustrates an emerging trend among Australia\u2019s allies to publically state their capacity to conduct or develop offensive cyber operations. A clear statement of the way Australia views the use of offensive cyber capabilities would be a welcome addition to the Australian Defence White Paper when it emerges.<\/p>\n<p>There are lessons for Australia on the cyber front here. First is the use of committed, firm ideas and language which are backed financially. We are yet to see how much the Australian Government will invest in this important area of national security. Second, there\u2019s a clear articulation of the linkage between cyber security, economic security, digital innovation and national security.\u00a0Australian cyber strategy will hopefully follow suit.\u00a0Finally, there\u2019s evidence of a mature and trusted relationship between Government and the private sector built over time, which Australia can afford to do much better at. With both a Cyber Review and a Defence White Paper due imminently, expectations will be high that Australia can deliver on both fronts.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The launch of the 2015 SDSR provided evidence that UK Defence and Security agencies are being re-invigorated after a period of extensive cuts. Over the next ten years \u00a3178 billion will be spent on a &#8230;<\/p>\n","protected":false},"author":49,"featured_media":23819,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[391,95,606,141],"class_list":["post-23817","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-cyber","tag-cyber-security","tag-defence-white-paper","tag-united-kingdom"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Learning lessons from the UK\u2019s confident approach to cyber | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Learning lessons from the UK\u2019s confident approach to cyber | The Strategist\" \/>\n<meta property=\"og:description\" content=\"The launch of the 2015 SDSR provided evidence that UK Defence and Security agencies are being re-invigorated after a period of extensive cuts. Over the next ten years \u00a3178 billion will be spent on a ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2015-12-08T00:00:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2015-12-07T05:52:59+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"650\" \/>\n\t<meta property=\"og:image:height\" content=\"458\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Tobias Feakin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tobias Feakin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI&#039;s analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg\",\"width\":650,\"height\":458,\"caption\":\"An aerial image of the Government Communications Headquarters (GCHQ) in Cheltenham, Gloucestershire.\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/\",\"name\":\"Learning lessons from the UK\u2019s confident approach to cyber | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#primaryimage\"},\"datePublished\":\"2015-12-08T00:00:57+00:00\",\"dateModified\":\"2015-12-07T05:52:59+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/84f461839f3f37e79509040ae4eeedcd\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Learning lessons from the UK\u2019s confident approach to cyber\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/84f461839f3f37e79509040ae4eeedcd\",\"name\":\"Tobias Feakin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/a8346dd3562a4d00483b16ff7e8b8df6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/a8346dd3562a4d00483b16ff7e8b8df6?s=96&d=mm&r=g\",\"caption\":\"Tobias Feakin\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/tobias-feakin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Learning lessons from the UK\u2019s confident approach to cyber | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/","og_locale":"en_US","og_type":"article","og_title":"Learning lessons from the UK\u2019s confident approach to cyber | The Strategist","og_description":"The launch of the 2015 SDSR provided evidence that UK Defence and Security agencies are being re-invigorated after a period of extensive cuts. Over the next ten years \u00a3178 billion will be spent on a ...","og_url":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2015-12-08T00:00:57+00:00","article_modified_time":"2015-12-07T05:52:59+00:00","og_image":[{"width":650,"height":458,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg","type":"image\/jpeg"}],"author":"Tobias Feakin","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Tobias Feakin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI&#039;s analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2015\/12\/45154332.jpg","width":650,"height":458,"caption":"An aerial image of the Government Communications Headquarters (GCHQ) in Cheltenham, Gloucestershire."},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/","url":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/","name":"Learning lessons from the UK\u2019s confident approach to cyber | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#primaryimage"},"datePublished":"2015-12-08T00:00:57+00:00","dateModified":"2015-12-07T05:52:59+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/84f461839f3f37e79509040ae4eeedcd"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Learning lessons from the UK\u2019s confident approach to cyber"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/84f461839f3f37e79509040ae4eeedcd","name":"Tobias Feakin","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/a8346dd3562a4d00483b16ff7e8b8df6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/a8346dd3562a4d00483b16ff7e8b8df6?s=96&d=mm&r=g","caption":"Tobias Feakin"},"url":"https:\/\/www.aspistrategist.ru\/author\/tobias-feakin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/23817"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/49"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=23817"}],"version-history":[{"count":4,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/23817\/revisions"}],"predecessor-version":[{"id":23828,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/23817\/revisions\/23828"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/23819"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=23817"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=23817"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=23817"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}