GCHQ’s former boss, Nick Hopkinson, has indicated that the UK is less well organised then other countries in the EU such as France or Germany to deal with a cyber attack.
He says that there are a large number of interested parties that have failed to work effectively together to produce a cohesive plan in the event of a significant cyber attack.
Hopkinson was the head of GCHQ for five years and now works as head of cyber security for US IT firm CSC.
He said, “There is definitely a need for rationalisation between the organisations. Trying to co-ordinate policy and strategy is hard when dealing with lots of bodies. Attempting to set a strategy by committee delays progress.”
“When I dealt with German and French colleagues while at GCHQ, I noticed they are much more centralised in the way they develop their cyber security strategy.
“This centralisation of responsibility would be a logical next step and ought to be a priority for the government.”
Speaking with Computing, he went on to say that the US identified this problem a long time ago, and were quick to invest in a solution.
“The US recognised the problem earlier, probably because they’re seen as the world’s richest target for cyber attack, due to the lead they have in technology IP.
“They considered this to be a strategic problem in 2006, both in terms of national security and their future economic wellbeing.
“The drive to establish coherent policy and strategy came directly from the White House and a significant budget followed quickly.
“The US put into place active mechanisms in 2008 to enable near real-time data- sharing on threats and mitigation techniques between industry and government.”
David Cameron announced earlier this year that he was to invest GB pound 650m into UK cyber security, an investment that is badly needed, according to Cambridge University’s professor of security engineering, Ross Anderson, who describes the UK’s cyber security strategy as “fragmented, messy, inefficient and hopelessly under-resourced.”
