War is an ever-changing monster, and as crime and warfare evolve and become increasingly sophisticated, governments have been forced to enact new and evolving strategies to defend themselves. Perhaps this is no more evident than in cyberspace where over the last decade, hacking and cyber threats have taken centre stage. Governments around the world have historically struggled to meet these threats, but that is changing as the consequences of attacks become increasingly ominous.
The UK Stance on Cybersecurity
Most developed countries have increased their cybersecurity budget in the past few years. The US now spends approximately $14 billion annually, China $1.5 billion, South Korea $400 million and Russia $300 million. In the last 6 years, the UK Government has grown spending on the National Cyber Security Strategy from £860m in 2011 to its latest announcement of a £1.98 billion budget for its shiny new National Cyber Security Program.
The increased UK security drive outlined specifically emphasized three key objectives:
Defense: To develop multiple layers of defense that significantly reduce the UK’s exposure to cyber attack through making it far more challenging to attack and ensure its networks, data and systems are resilient.
Deter: To instigate robust deterrence measures to increase the cost and reduce the benefits of attacking the UK.
Develop: Drive to expand the cybersecurity industry and cultivate the necessary skills within UK society and industry to ensure it keeps pace with cyber-threats.
The UK government has taken a refreshing, transparent and inclusive approach to the issue, building up UK defenses in plain sight and pushing wider educational tactics to halt threats rather than retaining all protection and monitoring behind closed doors.
The Changing Nature of the Threat
As seen with the 2016 DDoS attacks against Dyn DNS, the largest DDoS attack in history that disrupted communications across Europe by taking down one of the largest domain name servers, the new breed of cyber attacks can have increasingly damaging and widespread effects. The Dyn DDoS attack hijacked thousands of connected smart devices and the havoc it wrought had those in the security industry asking again how far reaching and destructive to the Internet a single cyber attack could be.
In its effort to combat this growing threat, the UK Government has leaned towards a layering cybersecurity strategy with each added layer of security making a successful attack exponentially harder to achieve. Whether they are coming from organized activist groups, other governments or sets of individuals, with attacks commonly initiated based on a perceived value that can be gained, outweighing a cost to attempt a breach, the more robust layers that are in place, the more attacks become unfeasible
The US current Department of Defense strategy (published in 2015) takes a differing, two tier approach to the issue. The first focuses on information sharing as well as building bridges with public sectors and building coalitions abroad. Note – information sharing means US sharing between governmental organizations, not the public. The second tier prioritizes defending its own system, defending the United States and following directives given by the president – in that order.
It remains to be seen with new leadership in the US and UK will maintain ambitious defense strategies long term, and how exactly each government will spend this investment over the next 5 years in all its primary objectives. The success of the new initiative does rely on striking the necessary balance of infrastructure and education in order to combatting the varied and numerable threats that now exist. In the new age of mass stored digital data, a heavy reliance on the internet and the emergence of the Internet of Things, this is a tall order.
You can view/download the UK Government Cyber Security Strategy here:
You can view/download the US Government DoD Cyber Security Strategy here: