Conservatives to put cyber threat in the mainstream

IT security to be tackled in co-ordinated fashion alongside other threats

The Conservatives will reorganise Whitehall's security response capabilities

If they win power this year, the Conservatives will implement a new holistic National Security Strategy that will prioritise cyber warfare as a serious threat, the party said in a green paper published today.

The report says that despite frequent occurrences round the world of service denial and disruption of inadequately protected electronic systems, the threat of cyber attack is widely disregarded.

The opposition would remedy this problem by creating a National Security Council that will replace the Ministerial Committee on National Security, International Relations and Development and the Ministerial Civil Contingencies Committee.

This council, chaired by the prime minister, would develop co-ordinated strategies on terrorism, critical infrastructure, cyber security and conflict prevention.

It would be supported by a new National Resilience Team reporting into the Cabinet Office.

The National Resilience Team will adopt a holistic approach to critical infrastructure and will bring together the functions of the Civil Contingencies Secretariat, the Information Security and Assurance Unit in the Cabinet Office, the Centre for the Protection of National Infrastructure, the National Counter Terrorism Security Office, the Office for Cyber Security and parts of CESG – the information security arm of GCHQ.

The National Resilience Team will comprise three units: one for Critical Infrastructure and Crowded Places, one for Emergency Preparedness, and one for Cyber Security and Information Assurance.

The Cyber Security and Information Assurance Unit will have responsibility for setting cyber security policy and standards for all government departments and critical infrastructure operators.

It will advise government, suppliers, critical infrastructure operators and also businesses on IT security, develop an exercise programme, and develop disaster response capabilities.

As most parts of the critical national infrastructure are run by the private sector, there will be a National Infrastructure Advisory Council which brings together all private sector operators alongside the National Resilience Team.

"This is increasingly important given that despite the interconnectedness of the various sectors and the increasing risk of cascading failure, [as] operators are not talking to each other," the report says.