Please see below comments from Bernard Parsons, CEO of Becrypt, on the Joint Committee’s National Security Strategy report. Bernard outlines some of the challenges that the NCSC is facing, the failure of self-regulation, and suggests how the UK Government can proactively approach cybersecurity.
“The Joint Committee on the National Security Strategy report does a great job in mapping out and summarising the extent of the challenge the UK faces, in ensuring appropriate cyber resilience within the Critical National Infrastructure (CNI).
“These challenges include defining and measuring cyber resilience, identifying the boundaries of the CNI and its supply chain, and developing the skills needed to keep pace with dynamic and constantly evolving threats. Whilst a significantly positive impact has been achieved in some areas, particularly by the National Cyber Security Centre (NCSC) with limited resources, the report suggests that a significant and creative change to the Government’s current approach is still required.
“The 2016 National Cyber Security Strategy formally recognised the failure of the market to self-organise. This remains true today, with the most advanced cybersecurity practices occurring where the greatest incentives exist, with the finance sector a prime example. Very different economic models play out in sectors such as energy, where it is the broader economy and citizens that stand to lose the most, in the event of a major cyber incident.
“Whist it may seem unpalatable, proposed mechanisms such as individual board member responsibility and the inclusion of cyber reporting within a revised Companies Act, may be the types of triggers that are necessary to create the focus within the private sector, which the Government needs, to be successful.”