{"id":23817,"date":"2015-12-08T11:00:57","date_gmt":"2015-12-08T00:00:57","guid":{"rendered":"http:\/\/www.aspistrategist.ru\/?p=23817"},"modified":"2015-12-07T16:52:59","modified_gmt":"2015-12-07T05:52:59","slug":"learning-lessons-from-the-uks-confident-approach-to-cyber","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/learning-lessons-from-the-uks-confident-approach-to-cyber\/","title":{"rendered":"Learning lessons from the UK\u2019s confident approach to cyber"},"content":{"rendered":"
<\/a><\/p>\n The launch of the 2015 SDSR<\/a> provided evidence that UK Defence and Security agencies are being re-invigorated after a period of extensive cuts. Over the next ten years \u00a3178 billion will be spent on a range of military platforms<\/a>. While this won\u2019t elevate the UK to the peak of global military powers, it will reassure allied partners that it\u2019s a reliable security partner.<\/p>\n Large quantities of money are often associated with \u2018big ticket\u2019 military hardware, yet the UK has spent comparable sums on its cyber capabilities. At the launch of the 2010 SDSR<\/a>, the sting of looming cuts were softened by the announcement that the Government would invest \u00a3500 million in cyber security. In the intervening period, that\u2019s risen to an \u00a3860 million investment in a growing area of national security concern and potential advantage.<\/p>\n The 2015 SDSR announced that spending on cyber security will grow again with a commitment to invest a further \u00a31.9 billion (A$S3.9 billion) over the next five years. When that sum is added to the core spending on cyber security capabilities to protect UK networks, the total spend amounts to more than \u00a33.2 billion (A$6.5 billion).<\/p>\n The clear and concise wording of the document is just as significant as the money attached to it. The 2015 SDSR weaves together a clear articulation of the UK\u2019s strategic goals in cyber along with a comprehensive narrative about the importance of cyber security to national and economic security, and introduces measures to enhance capability and skills in both areas. It commits the UK to remaining a world leader in cyber security to protect critical networks, to maintain high levels of confidence in its ability to protect business from cyber threats, to bolstering the digital economy to help it reap the economic rewards of high value cyber security technology and skills.<\/p>\n The lead component of the cyber section of the SDSR is the newly formed National Cyber Centre established under GCHQ\u2019s leadership. This centre will have charge over operational responses to cyber incidents. Not only will it have an operational lead but it will also act as a focal point for companies seeking advice on cyber issues, simplifying previous arrangements.<\/p>\n There are three areas worthy of specific comment. First, the UK has worked hard over the past 10 years to mature the Government\u2019s relationship with the private sector on cyber.. There\u2019s a clear commitment to \u2018share knowledge with British industry and with allies\u2019, \u2018help companies and the public do more to protect their own data\u2019, and \u2018simplifying private sector access to government cyber security advice\u2019. That\u2019s evidenced most strongly in the promise to develop a \u2018series of measures to actively defend\u2026against cyber attacks\u2019, alluding to active defence tactics which aim to disrupt attackers prior to, or while they\u2019re attacking a network. The SDSR states that those capabilities will be \u2018developed and operated by the private sector\u2019, which is a leap forward in coordination between the UK\u2019s public and private sectors.<\/p>\n Despite efforts to build stronger relationships with the private sector on cyber, Australia is some way off being able to make these kinds of statements. There\u2019s a continuing journey that needs to be undertaken in order to reach the same level of maturity that the UK has achieved.<\/p>\n Second, the SDSR details a significant investment in creating highly qualified and skilled personnel, including \u00a320 million to open an Institute of Coding to fill the current gap in higher education. A \u00a3165 million Defence and Cyber Innovation Fund was also announced to support innovative procurement across government, alongside two new cyber \u2018start-up\u2019 centres where new companies can incubate their tech in the early stages of development.<\/p>\n Finally, one of the most striking aspects of the plan was the emphasis placed on developing offensive cyber capability. The UK has firmly stated that it has this capability and will use it as a tool of national power and to respond to security threats. George Osborne used strong words<\/a> to underscore this part of the plan:<\/p>\n \u2018Part of establishing deterrence will be making ourselves a difficult target\u2026We need to destroy the idea that there is impunity in cyberspace\u2026We are building our own offensive cyber capability\u2014a dedicated ability to counter-attack in cyberspace.\u2019<\/p><\/blockquote>\n