Out-Law News 3 min. read
28 Nov 2011, 4:13 pm
A pilot project, to begin next month, forms part of the Government's new Cyber Security Strategy (43-page / 515KB PDF). The pilot will initially involve the defence, telecoms, finance, pharmaceutical and energy sectors, the Government said.
It will also explore ways in which intelligence agency GCHQ's expertise can be used to support the development of the private cyber security sector without compromising the agency's core security and intelligence mission, the Government said.
The strategy also proposes industry-led cyber security standards for private sector companies and the creation of a new cyber crime unit within the National Crime Agency, as well as a higher level unit within GCHQ.
Local police forces and the courts will also be encouraged to use "existing sanctions", such as restricting access to the internet and banning the use of instant messaging services, where there is strong reason to believe someone is likely to commit further serious online criminal offences, the Government said. It added that it will publish new guidance aimed at increasing the use of these sanctions.
Around 6% of the UK's gross domestic product (GDP) is generated by the internet and is set to grow, according to Government figures. It predicts that the internet will create 365,000 new jobs over the next five years.
The Government ranked cyber security as a tier one national security priority in last year's strategy, and it has committed £650 million over the next four years to strengthen its cyber defences, it said.
Francis Maude, Minister for Cyber Security, said that closer partnership between the public and private sector was crucial to the success of the strategy.
"The strategy heralds a new era of unprecedented cooperation between the Government and industry on cyber security, working hand in hand to make the UK one of the most secure places in the world to do business," he said.
"The growth of the internet has revolutionised our everyday lives and promises untold economic and social opportunities in years to come," said Maude. "This strategy sets out how we will realise the full benefits of a networked world by building a more trusted and resilient digital environment, from protecting the public from online fraud to securing critical infrastructure against cyber attacks."
The cyber security hub will pool government and private sector cyber security threats and pass that information on to key contacts. This will include actionable information on specific threats, as well as analysis of trends and new and emerging threats and opportunities.
The initiative will be extended to other business sectors from March 2012, the Government said. Its strategy also said that it would seek to establish the best way of making sure that smaller businesses will benefit from the information gathered by the hub.
The new cyber crime unit will be set up within the National Crime Agency by 2013 to help deal with the most serious national-level cyber crime and provide support to local police forces. The unit will share knowledge and expertise across law enforcement agencies, building on the work done by the Metropolitan Police's Central e-crime Unit and the Serious Organised Crime Agency, Minister for Cyber Crime James Brokenshire said.
"We are also reaching out to industry and the public to get involved. We all have a role to play in keeping ourselves and our families safe while enjoying the huge opportunities and benefits of surfing the web," he said.
The Government will also encourage police forces to make use of officers' specialist skills to help tackle cyber crime on a local level, and to make better use of existing sanctions available through the courts for cyber offences.
Computer use may be monitored or restricted under license conditions when an offender is released from prison or through a Serious Crime Prevention Order – for example, a convicted fraudster can be prevented from offering goods for sale online or restrictions can be placed on internet use in cases of sexual offences or harassment.
The Government said that it would issue guidance to encourage the use of these sanctions where appropriate, as well as consider the use of 'cyber tags' which would automatically inform police or the probation service if offenders breach conditions placed on their internet use.
"If the approach shows promise we will look at expanding cyber-sanctions to a wider group of offenders," the strategy said.
The Department for Business, Innovation and Skills will work with domestic, European, global and commercial standards organisations to encourage the development of industry-led cyber security standards for private sector companies, the Government said. UK businesses would be able to use this as a competitive edge by promoting themselves as certifiably cyber secure, it said.
Its UK Trade and Investment department will also work with trade associations to ensure that this strength can be used to help UK firms sell abroad.
At a more basic level the strategy proposes to develop 'kitemarks' for cyber security software to help consumers and businesses make informed choices about available products, and to agree a set of voluntary 'guiding principles' on support available to users with internet service providers.