Government launches cyber-resiliency inquiry
The government has opened an inquiry into the UK’s critical national infrastructure (CNI) to assess its cyber-resiliency as the UK is highlighted to be the third most targeted globally for cyber-attacks, following the US and Ukraine.
Overseen by the Science, Innovation and Technology committee, the inquiry will explore the progress of the UK CNI toward achieving recently announced resilience targets by 2025, exploring what must be done to reach these targets as well as a revised approach to standards and regulations.
The UK’s CNI is heavily underpinned by digital infrastructure and plays a fundamental part in the UK economy, supporting innovation, the development of emerging tech and national security meaning it must be resilient to cyber-attacks if it is to successfully fulfil its role.
The committee cited major concerns around Russia’s invasion of Ukraine as well as “competing priorities” between the government and the private companies that own much of the UK’s CNI and has invited industry experts to submit evidence to a range of pointed questions about CNI cyber-resilience.
Achi Lewis, Area VP EMEA for Absolute Software, commented: “A collaborative approach to resiliency is needed to help protect the UK’s organisations that are under increased cyber threat, supported by improved standards and regulations implemented by the government. It is no longer enough to simply deter attacks, but now, we must universally prepare for when an attack happens to allow us to recover effectively, minimising the damage and loss caused by having resilient cybersecurity.”
“The end goal should be the same for all stakeholders, effectively protecting, preventing and preparing against the looming cyber threat which includes visibility across entire networks. In the face of cybersecurity challenges, visibility supported by self-healing technologies that repair and restore devices will help to produce a resilient cyber posture, and this should be the goal for all.”
The committee also stated that it “will explore the progress of UK CNI toward achieving recently announced resilience targets by 2025, and what support the sector needs to achieve those targets and efforts to make computer hardware architecture more secure by design to protect CNI.”
This leads to the question: What should be the government’s approach to standards and regulations for cyber-resilience and preparedness, supply chain access, and trusted partners?