Top 10 security stories of 2013 so far

Stuart Sumner
clock • 13 min read

Computing looks back at the most important cyber security stories of the past six months

1 - UK's investment in cyber security is "embarrassing", say experts

The government's investment in cyber security is embarrassing, according to security experts talking to Computing back in April.

The government announced plans in 2010 to invest £650m over a four-year period on cyber security, after the National Security Strategy rated cyber attacks as a "Tier I" threat.

The funds were allocated to a four-year National Cyber Security Programme (NCSP), which is now incorporated under the UK's Cyber Security strategy, announced at the end of 2011.

In the UK cyber security strategy document, the government claims that "despite a tight fiscal situation, we set £650m aside over four years to develop our response [to cyber threats]". Judy Baker, founder of the Cyber Security Challenge UK, believes that this shows how highly Whitehall regards the Cyber Security strategy.

"The government has recognised the importance of the issue by investing £650m at a time when it was not investing in other areas," she said.

But Bob Ayers, former US cyber intelligence officer at the Department of Defense, slammed the idea that a £650m investment would be enough.

"Let's not go round patting ourselves on the back, saying that government has recognised the problem and is actually spending money on it," he said. "Over 20 years ago the US government had an organised cyber security programme with 155 assigned staff and a $100m-a-year budget - and that was a continuing $100m a year."

He added: "Now, 20 years later, the UK is spending a phenomenally smaller figure and starting into [its cyber security strategy] and we're saying this is good? No, this is embarrassing."

Mark Brown, director of information security at professional services firm Ernst & Young, agreed that the amount spent is not a big sum of money.

"£650m over four years, when you calculate that, equates to £2 per UK national per year and when you look at that statistic, it shows that the investment isn't that large," he said.

Baker added that a short-term investment will not solve the problem and that there needs to be a longer, continuous investment - something that is not happening appropriately from either companies or government, at the moment. Another concern is the lack of a plan, at least in the public eye.

"What happens when the £650m stops? Where is the government commitment to the next pot of money after that? Because we're not far off from that, and people need to be planning now to spend that sensibly," Baker said.

And that wraps up the top 10 security stories of 2013 so far. Are there any critical stories you think we missed? Let us know in the comments below.

You may also like
Long Reads: A chance meeting cost this CIO £400,000

Security

Betrayal, bewilderment and Bank of America

clock 02 October 2023 • 7 min read
NHS sent Facebook private patient information

Privacy

20 trusts found using a tracking tool that shared information with Meta

clock 30 May 2023 • 3 min read
Accidental exclusion exacerbating cyber's staffing problem

Careers and Skills

Many people who would excel in cybersecurity roles see no obvious way in, with those that do make it getting stuck in entry-level positions

clock 12 May 2023 • 4 min read

More on Security

You need to lock down cyber-physical systems: Here's how and why

You need to lock down cyber-physical systems: Here's how and why

Cybersecurity should focus on OT as well as IT

Samara Lynn
clock 27 March 2024 • 3 min read
China Crisis: Government blames China for Electoral Commission cyberattack

China Crisis: Government blames China for Electoral Commission cyberattack

Also accuses Chinese state-affiliated actors of trying to hack MPs emails

Penny Horwood
clock 26 March 2024 • 5 min read
A cyber-focused attorney on why 'Data is the hot potato'

A cyber-focused attorney on why 'Data is the hot potato'

Shawn Tuma, partner and co-chair of the data privacy and cybersecurity practice group at Spencer Fane LLP, shares some tips on cybersecurity for companies to follow.

Samara Lynn
clock 26 March 2024 • 3 min read