UK cyber security - fragmented and failing

The UK's cyber security strategy was set out to protect national interests by building a trusted and resilient digital environment. But the strategy has been criticised since its inception for being "inadequate" and moving at a "glacial pace".

This is despite the government announcing plans to invest £650m over a four-year period from 2010 on the programme. So just how well placed is the UK to accomplish its cyber security goals?

A key criticism came from former GCHQ and CESG head Nick Hopkinson, who told Computing that the UK lagged behind the US, France and Germany in its ability to respond to cyber-attacks because of a "lack of cohesion" between the various organisations set up to work towards the strategy.

This is a view shared by former US cyber intelligence officer for the US Army and the Defence Intelligence Agency (DIA) Bob Ayers (pictured).

"The most fundamental problem is that there is no one either accountable or responsible for the implementation of the programme. In many ways, the UK cyber programme is like the EU, a collective of independent entities more concerned with their individual departmental interests rather than those of the nation as a whole," he told Computing.

Mark Brown, director of information security at professional services firm Ernst & Young, agreed with Ayers that there is no clear direction from the government as to what the cyber responsibilities of the different departments are.

"It is a question that the private and public sector are looking for an answer to, and until it is answered there will always be the question of who is responsible for assisting UK businesses within UK plc on managing cyber risks," he said.

However, head of cyber security at consulting firm BAE Systems Detica Dave Garfield believes it is inevitable that the UK's strategy lacks cohesion because it is going through a process of implementation. He states that the strategy has a clear set of goals and details how to address them.

"I don't think [the strategy] is that bad, I think there is a subtlety when things go from strategy to implementation; there is a transition period and things aren't as unified as they used to be. When you reflect on how well the UK as a whole is progressing against its strategy and compare this to other nations, we are in a good place. It has put us in a level of maturity as a country and is something to be proud of," he said.