Armed forces "fatally" reliant on IT, with no backup plans
By Stewart Mitchell
Posted on 9 Jan 2013 at 09:58
The UK's cyberdefence strategy has come under fire from the Defence Committee, with fears that British troops are "fatally" reliant on technology that isn't sufficiently protected.
The select committee report follows an investigation that included interviews with Ministry of Defence personnel. It concluded that the government needs to put in place better measures to protect its assets from cyber-attack, and provide better contingency measures should an attack prove successful.
"The Government needs to put in place – as it has not yet done – mechanisms, people, education, skills, thinking and policies which take into account both the opportunities and the vulnerabilities which cyberspace presents," said James Arbuthnot, chair or the committee.
The report follows a significant increase in spending on cyberdefences, which were allocated £650 million in 2010, when a strategic defence and security review pushed cyberthreats up to a tier-one issue.
In the event of a sustained cyber attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology
The funding for both public and private sector organisations has shown positive results, the report found, but more remains to be done to protect critical infrastructure.
Most worrying is the fact that the committee believes there are no plans in place should an attack on UK systems cause widespread failure, which could damage both military and civilian systems.
"In the event of a sustained cyber-attack the ability of the Armed Forces to operate effectively could be fatally compromised due to their dependence on information and communication technology," the committee concluded.
"We have asked the government to set out details of the contingency plans it has in place should such an attack occur. If it has none, it should say so – and urgently create some."
Chain of command
According to the MPs, there is also a lack of understanding over who would take charge in the event of a significant cyber-attack or in the event of a solar flare affecting UK systems, with concerns that confusion could lead to potentially serious delays.
"Before a 'lead government department' is identified for a particular cyber-incident there is a potential gap during which the Cabinet Office has a coordinating role but the location of executive authority is not clear," the reports said.
"It is vital that clear procedures are in place, and communicated, about how ownership of incident response is escalated when necessary from individual departments to higher, central authorities."
Is your business a social business? For helpful info and tips visit our hub.
- Windows 8.1 Update: an abject surrender
- The insane economics of Sky Now TV
- No such thing as a free app... so pay up if you want quality
- Time to outlaw crapware-laden installers
- Windows Phone 8.1 video: hands-on
- Office for iPad: key information
- Why every PC buyer owes Richard Durkin a debt of gratitude
- HTC One M8 vs Samsung Galaxy S5: 2014's big-hitters compared
- Windows XP end of life: key information
- Cut out the broadband jargon? What jargon?
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy
- Raspberry Pi and Wolfram: a must-have for every child
- Could you get by with Office Web Apps?
- The best Android antivirus apps for 2014
- Headings vs headers: how to use both in Word
- Windows Server 2012 R2: how the Datacenter edition could change SMBs
- Invoices and VAT: how to set up your documents correctly