UK needs more cyber security experts, say auditors
By Richard Johnstone | 12 February 2013
Government attempts to crack down on cyber crime are being hampered by a lack of skilled computer workers, the National Audit Office warned today.
In a review of the Cabinet Office’s UK cyber security strategy, the NAO said the department faced a number of ‘key challenges’.
Ministers not only needed to address the lack of cyber security professionals, but to raise awareness of internet crime and ensure a co-ordinated approach across Whitehall.
Cyber crime is estimated to cost the UK economy between £18bn and £27bn, the report said. The Cabinet Office’s strategy, published in November 2011, was designed to tackle this, and the government had committed £650m to fund the programme. This investment was ‘beginning to deliver benefits’, the NAO found in its report, UK cyber security strategy: landscape review.
The Serious Organised Crime Agency had reported more than 2.3 million items of compromised card payment details to the financial sector since 2011, preventing a potential economic loss of more than £500m. In addition, members of the public had reported more than 46,000 possible instances of cyber crime to the UK's national fraud reporting centre in the past year, amounting to £292m worth of attempted fraud.
However, more needed to be done to close ‘the UK’s current and future information and communications technology and cyber security skills gap’, the auditors said.
The strategy aimed to ‘build the UK’s cross-cutting knowledge, skills and capability to underpin all cyber security objectives’, but an ‘immediate’ lack of skilled workers threatened progress, the report stated.
According to the government, the number of ICT and cyber security professionals in the UK had not increased in line with the growth of the internet. This was hindering the UK’s ability to protect itself in cyberspace and promote internet use both now and in the future, and could take up to 20 years to address, auditors added.
‘The threat to cyber security is persistent and continually evolving,’ auditor general Amyas Morse said today.
‘Business, government and the public must constantly be alert to the level of risk if they are to succeed in detecting and resisting the threat of cyber attack.’
Responding to the report, Public Accounts Committee chair Margaret Hodge said that the report stressed that ‘government must work hand-in-glove with people and businesses to build awareness, knowledge and skills’.
She added: ‘With this government committing £650m additional funding to cyber security, my committee will want to ask how the action of the 15 government organisations involved in delivering the strategy is being properly co-ordinated and what progress has been made.’
A Cabinet Office spokesman said the strategy meant the UK was ‘on a stronger footing’ to tackle cyber crime than a year ago.
He added: ‘We agree that skills are crucial to cyber security which is why we are investing heavily in research and education.’ He cited the establishment of centres for excellence in cyber security research and promoting skills in the police. The Cabinet Office also supported various initiatives, including the cyber security challenge to recruitg new talent to the sector, he said.