Government Announces Schemes To Secure Cyber Supply Chain

Maude says security kitemark to be mandated across government when procuring, whilst a new scheme will give suppliers a boost in the global market

The UK government has launched fresh initiatives to both secure and boost its supply chain, as part of the national Cyber Security Strategy.

The announcements were made by Cabinet Office minister Francis Maude today, on the second anniversary of the strategy. They include a security “kitemark” or standard that those in the supply chain will be required to meet if they want to do business with government, and this has now been mandated across all government procurement.

Supply chain security boost

g-cloud government westminster big ben © Shutterstock QQ7This will be backed by a Cyber Security Suppliers Scheme, which will place those companies who have proven to be good enough for government on a public list. The government has set a target of £2 billion in annual sales from UK security companies by 2016, up from £850 million in 2012.

Maude said he was confident the target would be met, having toured the country meeting old and new security firms.

“The global cyber security market is growing and growing fast… and in Britain we are good at this,” Maude said, during a press briefing in Westminster this morning.

“We’re open for business and we want to trade overseas.

“We are reckoned to be already ahead of many other nations. That’s good, but we can’t have a flicker of complacency about that. So much remains to be done.”

The government also confirmed a major awareness campaign, backed with £4 million in government money and “in-kind benefits” worth £2.3 million from industry partners, including BT, Facebook, Sophos and Trend Micro. It will be aimed at the general public and small businesses, with the Home Office leading the project.

UK ISPs, including BT, Vodafone, TalkTalk, Sky and Virgin, have come together with government to produce a ‘Guiding Principles for ISPs’ document. It says that “at a minimum, ISPs will provide cyber security information to their customers, or signpost to information elsewhere.”

“If their customer does experience a problem, ISPs will support them by providing clear information about how to report the incident. They will also inform them of a potential compromise,” Maude said.

What do you know about Internet security? Find out with our quiz!