UK needs kitemark system to warn consumers of device security threats, say MPs

The government needs to take a long-term approach to protecting against the risk of cyber-attacks, says Public Accounts Committee chair.

The UK should develop a kitemark system for electronic devices and websites to warn consumers of their security risks, MPs have suggested.

According to the Public Accounts Committee (PAC), Britain is "vulnerable to attack from hostile countries, criminal gangs and individuals".

While the government is beginning to make some progress towards meeting the outcomes of the current National Cyber Security Strategy, the Committee warned that a weak evidence base and the lack of a business case for the programme "make it difficult for the Department to assess whether it will meet all its objectives by 2021".

Britain is 'vulnerable to attack from hostile countries, criminal gangs and individuals', say MPs

In particular, as digital technology and online services continue to evolve, the Committee said it is concerned that "consumers do not know how safe the websites or internet-enabled products they use are" and said "there is clearly more that the government needs to do to make progress in this area".

"It is difficult for consumers to know whether the internet-enabled devices they buy or the companies they give their details to online are holding their information securely," said the committee.

AI & Machine Learning Live is returning to London on 3rd July 2019. Hear from the Met Office's Charles Ewen, AutoTrader lead data scientist Dr David Hoyle and the BBC's Noriko Matsuoka, among many others. Attendance is free to qualifying IT leaders and senior IT pros, but places are limited, so reserve yours now.

"For example, a trusted brand like British Airways was hacked in 2018, and the personal data of 380,000 customers was stolen.

"There is currently no ‘traffic light' or ‘kitemark' system to inform consumer choice on how cyber secure the products they buy are, unlike recognised standards in other areas - such as food safety."

Consumers do not know how safe the websites or internet-enabled products they use are

It said the government should outline how it intends to influence the different sectors in the economy - for example, retail - to provide consumers with information on their cyber resilience.

The MPs added: "As part of this it should outline how they intend to measure success in protecting consumers. This should also form part of its approach to cyber security after 2021."

Committee chair Meg Hillier MP said: "With its world-leading digital economy, the UK is more vulnerable than ever before to cyber-attacks. As the likelihood of these attacks continues to grow, the UK needs to protect itself against the risks created by more and more services going online.

"We welcome the National Cyber Security Strategy but are concerned that the Programme designed to deliver it is insufficient.

"As it currently stands, the Strategy is not supported by the robust evidence the Department needs to make informed decisions and accurately measure progress. On top of this, neither the Strategy or the Programme were grounded in business cases - despite being allocated £1.9bn funding."

She added: "In the interest of national security, the Cabinet Office need to take a long-term approach to protecting against the risk of cyber-attacks: future plans should be based on strong evidence, business cases should be rigorously-costed to ensure value for money, and strategic outcomes and objectives should be clearly defined."

Delta is a new market intelligence service from Computing to help CIOs and other IT decision makers make smarter purchasing decisions - decisions informed by the knowledge and experience of other CIOs and IT decision makers.

Delta is free from vendor sponsorship or influence of any kind, and is guided by a steering committee of well-known CIOs, such as Charles Ewen, Christina Scott, Steve Capper and Laura Meyer.

Ten crucial technology areas are already covered at launch, with more data appearing and more areas being covered every week. Sign-up here for your free trial of the Computing Delta website.