The UK government has made several missteps in its plan to protect the country’s critical infrastructure from cyberattacks according to a recent assessment conducted by the National Audit Office (NAO).
In our increasingly digital world, the government has grown worried that its critical infrastructure will be targeted by foreign states looking to disrupt daily life.
The National Cyber Security Programme is set to be funded until 2021 and so far one of its most successful projects has been the establishment of the National Cyber Security Centre (NCSC).
The UK government’s strategy to keep the country safe in the wake of constant cyberattacks involves 12 “strategic outcomes” that cover a number of areas such as understanding, investigating and disrupting threats, defending against evolving cyberattacks, managing and responding effectively, securing government networks and developing cyber skills in the UK.
According to the NAO, delivering on its strategy was a “complex challenge” and the government was still unsure as to whether it should concentrate efforts to “make the biggest impact or address the greatest need”.
The report’s section on protecting power plants and hospitals was marked “red” indicating that fewer than 80 percent of its projects to defend these potential targets would be completed on time. These key targets are currently being “actively defended” but since the methods to measure success are still being developed, it has been difficult to gauge their effectiveness.
The government has “low confidence” for half of its strategic plans but this is still an improvement on the “very low confidence” these topics were given late last year.
The NAO report did highlight the success of the NCSC and its creation of a tool used to block 54.5m fake emails between 2017 and 2018.
Via The BBC