The plans were unveiled by secretary of state for Business, Innovation and Skills, Vince Cable at the Government and Regulators Summit on Wednesday morning.
The summit saw representatives from regulators for the financial, water, energy, communications and transport sectors and intelligence agencies and MPs meet to discuss new ways to bolster the country's cyber defences.
The representatives agreed to take part in critical infrastructure cyber tests similar tests to those seen in the recent Waking Shark I and II operations. Waking Shark is the codename used for the resilience tests inflicted on the financial sector in 2013.
Other key reforms include the adoption a new "10 Steps to Cyber Security" standard and increased information sharing between the public and private sector using initiatives like the Cyber Security Information Sharing Partnership (CISP).
Cable said the reforms are an essential step in the UK government's ongoing battle to protect its digital economy and critical systems from hackers.
"Cyber attacks are a serious and growing threat to British businesses, but it is particularly important that those industries providing essential services such as power, telecommunications and banking are adequately protected to avoid disruption to our everyday lives, he said
"We can only achieve this objective through a partnership between government, the regulators and industry. Today's event marks the next step in highlighting the important role of the regulators in overseeing the adoption of robust cyber security measures by the companies that supply these crucial services".
Deputy governor for Prudential Regulation at the Bank of England, Andrew Bailey, mirrored Cable's sentiment, promising to release information and guidance accrued during Waking Shark II as a sign of good will to other businesses.
"It is essential for financial stability that the UK financial system and its infrastructure continues to work towards improving its ability to withstand cyber-attacks," he said.
"To support this, the Bank of England will also publish today the findings of Waking Shark II, an exercise which tested the response of the wholesale banking sector to a simulated cyber-attack, which is part of the ongoing work recommended by the Financial Policy Committee to improve and test resilience."
KPMG Information Protection and Business Resilience team partner, Stephen Bonner, also praised the government for the reforms, urging companies to resist the temptation to go it alone when fighting hackers.
"Fear of damaged reputations or stuttering share prices are major factors behind many organisations' decision to keep a low profile when their cyber defences have been breached. But the days of isolationist thinking have long since disappeared, as an attack on one institution can lead to the exposure of commercially sensitive details for another," he said.
"Organisations may like to think of themselves as impenetrable islands, but the reality is that, with so much data stored - and so many relationships managed - online, they are bridged together and only by standing as one can they avoid being breached."
Attacks on critical infrastructure have been a growing concern over the last few years with a number of campaigns targeting critical infrastructure uncovered in recent months. A sophisticated campaign targeting the energy industry, codenamed Energetic Bear, was uncovered by security firm CrowdStrike earlier in January.
No comments:
Post a Comment