One year on: The UK Cyber Security Strategy

Making the UK more resilient

The government report states that the GCHQ has invested in new capabilities to better identify and analyse hostile cyber-attacks on UK networks. Other schemes to help better understand cyber threats include the MoD's tri-service Joint Cyber Unit, which is hosted by GCHQ in Cheltenham.

In January 2013, an information-sharing environment dubbed Cyber Information Sharing Partnership will be launched. This will initially involve companies within Critical National Infrastructure but the government says that it intends to make it available more broadly, including to SMEs in a second phase.

Helping to shape an open, vibrant and stable cyberspace that supports open societies

The report points to the London conference on Cyberspace as a success in this area, as is the allocation of £2m per annum for an international Cyber-Security Capacity-Building Centre, which it hopes will enable industry to back initiatives to tackle cybercrime and improve cyber security across the globe.

For the future, the government wants to "expand and strengthen" the UK's bilateral and multilateral networks and to develop international collaboration through the work of EU, NATO and other bodies.

It also will play an active role in discussions on the new EU cyber strategy.

Cyber-skills deficit

Senior government officials told delegates of their plans to address the cyber security skills deficit in the UK.

"As part of [meeting the skills gap] we have integrated modules of cyber security into ICT teaching at schools," a senior government official said.

Mark Brown, director of information security at professional services firm Ernst & Young, told Computing that the skills gap has to be addressed in order for the government and businesses to cope with the change of pace in technology.

"We have to address the choice of students from the age of nine. We are in a world where our children are digital natives but they understand applications and functions of IT rather than what goes on behind IT. We need to create awareness for students to choose to take educational subjects for a career in information security," he said.

In the government report, it states that going forward it will ensure that all graduate software engineers have had adequate training in cyber security. It also states that it will put in place a scheme to certify cyber security training courses.

The Cyber Security Challenge has also helped to boost the pipeline of candidates that can work in cyber security roles, the government said.

"More than 10,000 people have now registered for the Challenge and many have chosen to move into the industry as a result of successfully completing the tasks we place in front of them. From RAF technicians and actors, to students and postmen, we have identified raw talent to boost the growing cadre of UK cyber defenders that would otherwise have remained undiscovered," Cyber Security Challenge CEO Stephanie Daman told Computing.

A key new aim, government officials said, is to recruit "cyber reservists" to the MoD.

"The services will engage additional experts to support their work in defending against the growth in cyber threats. A further announcement will be made in spring 2013," the report explained.