Categories: SecurityWorkspace

Parliament Finds UK ‘Ill-Prepared’ For Critical Infrastructure Cyber-Threat

The government’s efforts to protect critical national infrastructure (CNI) from a major cyber-attack are “wholly inadequate”, a parliamentary committee has said.

The joint committee on national security strategy urged the Prime Minister to appoint a cabinet cybersecurity minister to provide “focused and proactive political leadership from the centre of government”.

Such leadership is “essential in driving change and ensuring a consistent approach across the many departments and agencies with responsibility for the resilience of CNI to cyber threats”, the committee said in a new report.

The government has assessed major cyber attacks on targets such as CNI as a “top-tier” national security threat, the committee noted.

‘Top-tier’ threat

And yet, it said the current cyber-security structure in the UK does not provide for effective political oversight of the matter.

“We are concerned that the current complex arrangements for ministerial responsibility mean that day-to-day oversight of cross-government efforts is, in reality, led by officials, with ministers only occasionally ‘checking in’,” the report found.

“This is wholly inadequate to the scale of the task facing the government, and inappropriate in view of the government’s own assessment that major cyber-attacks are a top-tier national security threat.”

The committee, made up of senior MPs and peers, also urged the government to continue information-sharing and collaboration on cyber-attacks with the EU during exit negotiations as a matter of priority.

‘Meaningful action’

The committee found that while the government appeared to be prioritising cyber-security, this was as yet merely an “aspiration” that was not being acted on with a “meaningful sense of purpose or urgency”.

Meanwhile, “hostile states” such as Russia are becoming increasingly aggressive in the cyber sphere, and are beginning to explore ways of disrupting critical infrastructure, in addition to more routine activities such as espionage and intellectual property theft, the committee said.

The establishment of the National Cyber Security Centre (NCSC) is a welcome move, but the expectations placed on the GCHQ agency may be “outstripping the resources put at its disposal”.

“There appears to be little beyond anecdotal evidence that the UK is at the forefront of international efforts on cybersecurity,” the report says.

Market forces not enough

Meanwhile, a recent tightening of the cyber-regulatory regime was not the government’s own initiative, “but instead flows from our acceptance of EU-wide regulations”.

More needs to be done at a ministerial level to ensure critical infrastructure operators address cyber-threats at a board level and manage it “proactively”.

But the government is, instead, continuing to “rely on market forces to improve operators’ cyber resilience, despite recognising the previous failure of this approach”, the committee said.

“Too often in our past the UK has been ill-prepared to deal with emerging risks,” said committee chair Margaret Beckett, the former foreign secretary.

“The government should be open about our vulnerability and rally support for measures which match the gravity of the threat to our critical national infrastructure.”

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

The State of Quantum Security

No longer a technology on the distant horizon, quantum computing brings with it security challenges…

12 hours ago

US Carmakers Warn Over Upcoming Electric Vehicle Incentives

Climate and tax bill worth $430bn passed by US Congress last week could immediately eliminate…

13 hours ago

Mercedes-Benz And CATL To Build Massive EV Battery Plant In Hungary

Mercedes-Benz and world's biggest EV battery maker CATL to build 7.3bn euro battery plant in…

14 hours ago

ESA In Talks With SpaceX Over Launches To Replace Soyuz

European Space Agency confirms it is in talks with SpaceX over using Falcon 9 as…

14 hours ago

Disney Brings Ads To Streaming Platform As It Surpasses Netflix

Disney to introduce ad-supported version of Disney+ in December along with price hikes, as it…

15 hours ago

Meta Gathers AI Data As Chatbot Calls Zuckerberg ‘Creepy’

Facebook parent Meta gathers data from user interactions with latest chatbot as BlenderBot 3 criticises…

15 hours ago