The UK government is planning to bolster its cybersecurity defences by drafting a team of 'cyber reserves' that will work to secure the country's virtual borders alongside a national computer emergency response team (CERT).
The Cabinet Office said on Monday that using a supplementary team of cybersecurity reservists would allow them to draw on an extra talent pool for cyber-defence. The government also outlined plans to formalise existing cybersecurity defence and response schemes.
"We are constantly examining new ways to harness and attract the talents of the cybersecurity specialists that are needed for critical areas of work," Cabinet Office minister Francis Maude said in a statement. "To this end, the MOD [Ministry of Defence] is taking forward the development of a 'Cyber Reserve', allowing the [government] services to draw on the wider talent and skills of the nation in the cyber field."
While plans to draft in the new personnel are only at an introductory stage, the Cabinet Office said it would hold a series of events next year with industry to flesh out how the scheme will work.
Ross Parsell, director of cyber strategy at defence company Thales UK, said the approach could end the catch-22 holding back cybersecurity recruitment in the UK.
"The public sector cannot compete with the private on salaries, which places the nation in a vulnerable position," Parsell said in a statement on Tuesday. "Major initiatives likes the Cyber Security Research Institute will help a great deal in promoting cybersecurity earlier in the education cycle."
Cyber Security Strategy
Maude gave details of the plans during a review of the UK's Cyber Security Strategy, a scheme launched one year ago, in November 2011. The aim of the strategy is to protect the UK against what Maude described as "real and growing threats to our cyberspace".
"The public sector cannot compete with the private on salaries, which places the nation in a vulnerable position" — Ross Parsell, Thales UK
In the update, Maude also outlined plans to make a Cyber Incident Response scheme fully operational during 2013, following a pilot of the scheme launched by CESG and CPNI at the beginning of November. This particular service is intended to be a place for organisations to turn to when they have been the victim of a cybersecurity incident.
On a national level, Maude said the UK was still working towards the establishment of a UK National CERT (Computer Emergency Response Team) that would "build on and complement" existing CERT structures, improve national co-ordination and act as a focus point of international sharing of technical information on cybersecurity.
The government said it will also continue to work towards the creation of the National Cyber Crime Unit (NCCU), which will be an integral part of the National Crime Agency scheduled to be established in October 2013, pending parliamentary approval of the plans.
"The NCCU will bring together the capabilities of the Police Central e-Crime Unit and SOCA's [the Serious Organised Crime Agency] cyber team to create an even more effective response to the most serious cyber criminals," Maude wrote.