Think tank urges co-ordinated cybercrime response
The government needs to provide a centrally co-ordinated response to cyberthreats, according to international-affairs thinktank Chatham House.
Speaking at an Institute of Public Policy Research event in London on Monday, Paul Cornish, head of the international security programme at Chatham House, said a "light touch co-ordinated approach" across various government ministries would be a more efficient approach than the establishment of a ministry dedicated to cybersecurity.
"We need a national culture of cybersecurity," said Cornish. "This has to be achieved mutually by all concerned agencies, and provide the basis for international co-ordination."
Cornish said a ministry of cybersecurity would be ineffective against the evolving nature of threats. Instead, central government should pool and disseminate knowledge from existing agencies such as the Centre for the Protection of National Infrastructure (CPNI) and CESG, the information-assurance arm of GCHQ, Cornish told ZDNet UK.
Information assurance — the practice of managing the risks associated with information — is increasingly necessary due to society's growing vulnerability to cyberthreats, Cornish added.
Cornish said that, while individual expertise was enough to mitigate threats within certain government groups, this knowledge needed to be spread throughout government. "[Government agencies] do it, but they don't do it with the bigger picture in mind, and it's similar with network security," he said. "At the sectoral level, banks stop people getting into the systems, but don't take into account the broader consequences [of why]."
"We as a society are becoming increasingly dependent on a global communications and information infrastructure, and this dependence leads to exposure and vulnerability," said Cornish. "Threats can't be dealt with serially."
Shadow security minister Baroness Pauline Neville-Jones told ZDNet UK at the event that the government was failing to deal adequately with the issue of cybercrime.
"There is social and political abuse of cyberspace, which is an area where the government is underperforming," said Neville-Jones. "The police have powers under anti-terror laws to deal with cybercrime, but the government hasn't directed enough resources to the police yet, to use those powers."