The UK’s key organisations are to get cyberattack advice from the country’s GCHQ electronic intelligence 'spooks' under a new ‘Cyber Security for Business’ programme launched yesterday.
Business leaders attending a Foreign Office-hosted conference will be reminded of the stark threat facing the country’s most important infrastructure, business and government organisations in no uncertain terms, newspaper briefings have revealed.
Details of the programme are scarce so far but the initiative is believed to pave the way for Government to take a more proactive role in warning of threats in a way that harnesses the substantial intelligence-gathering nous of GCHQ.
In the last two years the Government has put out a stream of doom-laden warnings to organisations, starting with a famous February 2011 report that claimed the annual cost of cybercrime to the UK economy was running at £27 billion.
The implication of the latest initiative is that not enough businesses are heeding the warnings.
Earlier this summer, MI5 claimed that one UK business had lost £800 million directly and indirectly as a result of a cyberattack so the non-stop warnings have some substance.
Giving businesses a way of accessing GCHQ’s expertise and intelligence is an interesting idea even if it might be hard to implement.
The spy agency devotes huge effort and expertise towards spotting cyberattacks, both general and specific, while businesses focus more on building defences based on complex security models.
Allowing businesses some warning of real attacks at an early stage might help them turn the theoretical into flexible defence. The Government has already tried out the cybersecurity hub, a pilot to feed cyberattack data to and from businesses so this programme will have to go beyond that.
Not everyone agrees that defences alone are a cost-efficient way to tackle cybercrime. In June, a Cambridge University study argued that investment on aggressive policing would have a bigger payback in the long run by acting as a deterrent.