The UK government's Active Cyber Defence (ACD) strategy for combating cyber crime has proven highly successful where used and should be rolled out across the country to other sectors, a new report has recommended.
A study into the effectiveness of the programme conducted by the Cyber Security Research Group and The Policy Institute at King's College London found the strategy has helped reduce both the frequency and impact of cyber crime for government agencies and users, and has great potential to improve security nationwide if used more widely.
"There are no significant technical obstacles to extending these protections beyond the public sector and no fundamental reasons why ACD tools and techniques should not be tested and deployed as appropriate," the report stated.
It also suggested that security could be improved by publicly identifying the steps businesses are taking to improve their defences.
'Naming and shaming' in this way would act as an incentive for those that have not done enough to step up their efforts so far, the report said. It noted that four in ten businesses were subject to a cybersecurity breach or attack in 2017-18, and official figures suggest that UK residents are more likely to be a victim of cybercrime or fraud than any other offence.
Therefore, publishing details of what steps are being taken to guard against this could help consumers make decisions about which firms to do business with, as well as spurring on organisations to do more.
"The hope with ACD is that it can help identify which companies are adhering to good practices and which are not," the report said. "The 'carrot' is the recognition of one’s commitment to cybersecurity; the 'stick' is the risk of going out of business."
Launched in 2016, the ACD framework features a range of tools that can be used proactively to tackle cyber crime. In its first year in operation, it helped remove 121,479 unique phishing sites across 20,763 attack groups physically hosted in the UK, and 18,000 more sites internationally, while in 2017, 3TB of DNS data was analysed for security threats, with over 134,000 unique queries blocked.