Whitehall official outlines cybersecurity funding plan

Whitehall official outlines cybersecurity funding plan

Summary: The government plans to spend £650m on projects ranging from raising consumer security awareness to increasing GCHQ's capabilities, according to a top Whitehall official

TOPICS: Security

A high-ranking Whitehall official has outlined how the government plans to spend £650m on cybersecurity.

The funding, which was announced in October, will be spent on a number of initiatives: "It's a national programme, with a range of activities ranging from improved public awareness through to GCHQ abilities at the other end," the official told ZDNet UK on Wednesday. GCHQ works in close co-operation with the Cyber Security Operations Centre (CSOC), the government body charged with responding to cyberthreats.

Read this

ITU head: Cyberwar could be 'worse than tsunami'

Hamadoun Toure, the UN agency's secretary-general, has called for a global 'cyber peace treaty' in the context of the 'new world order' of cyberspace

Read more+

Part of the funding will go towards establishing high-level industry groups such as the Telecommunications Industry Security Advisory Council (TISAC), said the official. TISAC was set up by the Cabinet Office Central Sponsor of Information Assurance (CSIA) — which became part of the Office of Cyber Security (OCS) in 2009 — to discuss and respond to threats to UK telecoms resilience. TISAC includes senior executives and chairmen of communications providers, operators, internet exchanges, telecoms regulator Ofcom, the OCS, and the Department of Business, Innovation and Skills (BIS).

The official said that TISAC had been successful, and that the government is now looking to establish high-level cyber-response groups in different sectors of the critical national infrastructure, such as financial services. "There are already a lot of financial [cyber-response] groups, and [the financial sector] really recognises the value of having strategic discussions between the public and private sectors," said the official.

The £650m funding forms part of the Strategic Defence and Security Review (SDSR).

Total government spending on information security is around four percent of the annual £16bn public-sector IT budget, or £640m a year, the OCS told a government committee on Wednesday.

Steve Marsh, deputy director of OCS, told the Commons Science and Technology Committee that the £650m was in addition to existing funding. It was difficult to give an exact number for government information security spending, Marsh said.

"The announcement of £650m is new money, in addition to what we spend on IT security, which is estimated at approximately four percent of the IT budget, [which is] £16bn a year," Marsh said. "Cybersecurity rests on existing mechanisms, and there are other contributions, with different estimates across different departments."

Professor Mark Welland, chief scientific advisor for the Ministry of Defence, said that the MoD had 350 people who were specifically trained in cybersecurity, and that the MoD research budget for cyber-defence was £6.5m. In addition, said Welland, all MoD staff underwent some form of information security training.

London School of Economics information security expert Peter Sommer told the committee that it was difficult to know how much the public sector spent on information security, as part of the budget went to secret intelligence agency budgets, and the rest was split over disparate public-sector bodies.

"The problem is we don't know the budget the government is putting in GCHQ," said Sommer. "Part is in the police, part in the Cabinet Office, and part appears in other budgets. It's easy to say we're not spending enough, but we don't know how much is being spent."

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to start the discussion