UK ‘needs better cyber security strategy’, MPs warn

UK 'needs better cyber security strategy', MPs warn

The UK is in serious need of a better long-term strategy for cyber security, as it is particularly vulnerable to such risks at present, a group of MPs have warned.

A new report from the House of Commons' Public Accounts Committee (PAC) said the country's world-leading digital economy means it is a particularly tempting target for hackers and other bad actors.

However, it is not clear the existing five-year plan to counter this threat, which runs until 2021, will be able to meet its goals. Indeed, the committee stated the government has not made sufficient progress on developing long-term objectives for the National Security Strategy.

Committee chair Meg Hillier MP said: "With its world-leading digital economy, the UK is more vulnerable than ever before to cyber attacks. As the likelihood of these attacks continues to grow, the UK needs to protect itself against the risks created by more and more services going online."

One of the issues raised by the report is the current difficulty for businesses and consumers to know whether the internet-enabled devices they buy are secure, or if any company they give their details to online can be trusted to hold this information securely.

The committee noted there is no guarantee that even the biggest brands will be secure, highlighting the cyber attack on British Airways last year that saw the personal and financial details of some 380,000 customers stolen, as an example.

"There is currently no 'traffic light' or 'kitemark' system to inform consumer choice on how cyber secure the products they buy are, unlike recognised standards in other areas – such as food safety," the report said.

It was reported by the Daily Telegraph that until now, the government has resisted the use of such symbols for cyber security, arguing it is "hard to draw up a list of organisations and specify what they must do as this becomes outdated quickly".

However, the PAC has asked that the Cabinet Office spell out by November this year how it would provide consumers with information on products' and services’ cyber-resilience.

With the government recently unveiling plans for better certification and security standards for a range of Internet of Things products, however, it could be something that is revisited in the future.