The Channel logo

News

By | John Leyden 12th September 2014 10:56

UK.gov's flagship infosec program ISN'T DELIVERING - but all's still well, say auditors

'Varied' understanding is no barrier to £860m cash pile

The UK's National Cyber Security Programme is not yet delivering on its much-vaunted economic benefits but is still a worthwhile exercise, according to a report by government auditors.

An update by the National Audit Office for Parliament's Public Accounts Committee on the government’s National Cyber Security Programme said that "good progress" has been made in improving its understanding of the most sophisticated threats to national security.

However, the level of understanding of threats to wider public services is "varied" – which sounds like a diplomatic way of saying poor to middling.

The programme’s objectives include tackling cyber crime and making the United Kingdom among the best places in the world to run secure e-commerce operations.

"While exports in UK cyber products and services have increased by 22 per cent between 2012 and 2013, progress in encouraging trade and exports has been slow," the auditors concluded. "Some progress has been made in encouraging businesses and citizens to mitigate risks, particularly in getting larger companies to take action. The government has, however, had a limited impact in targeting SMEs, where it has struggled to communicate guidance in a way that meets their needs."

The programme has been handed a budget of £860m to spend by March 2016.

Responding to the auditors' report, Hugh Boyes from the Institution of Engineering and Technology (IET) called for a greater emphasis on training to bridge the skills gap.

“The report highlights industry concerns about the confusing range of advice available and the lack of cyber security skills," Boyes commented. "These are valid concerns that need to be addressed."

"The current cyber security skills initiatives have been focused on providing the skills for individuals employed in cyber security roles. This is a short term solution which does not address the need to improve the security awareness and skills of everyone involved in the design, production and use of software-based systems," he added. ®

comment icon Read 5 comments on this article or post a comment alert Send corrections

Opinion

Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella
Stranded_ships

Chris Mellor

Thousands of layoffs announced as spinning rust enters its death spiral

Features

STRASBOURG, JUNE 29, 2016: The seat of the European Parliament. by Marco Aprile for shutterstock. EDITORIAL USE ONLY
Plan b, image via Shutterstock
EU workers, new markets: post-Brexit pressure on May & Co
Tough question, pic via Shutterstock
Honest mistake with your licensing? Audit police look at it on a 'case by case basis'