So this evening, I was reading through the Intelligence and Security Committee’s Annual Report 2010–2011 (you know, just casually). As I delved inside, I became particularly intrigued by the sheer number of agencies who were tasked with protecting the UK from cyber attack, or at least some particular portion of it.
Now I’m no cyber guru, but it seemed to me baffling that we could have created such a uniquely complicated tangle of overlapping authorities spread across a whopping 18 (!) different agencies (nominally headed by the Cabinet Office):
Of course, this is slightly old news, but the government’s response to the issue is definitely not. It appears now that government has begun to attempt to unravel this convoluted web (sorry for such a terrible pun!) of agencies through the establishment of a new, centralised (at least partially) cyber security hub (full report here), which it announced in November.
My knowledge of this topic area is very limited, but I was interested to know from some of the cyber aficionados (and others too) as to their thoughts on these issues:
- Is it right for multiple agencies be employed across the private and public sector to formally help protect the UK from cyber attacks? It seems that, done right, this could lead to an synergistic, mutually supportive system whereby the different agencies provide interlocking safety nets that stop threats more effectively than a single brittle barrier. But done wrong, it could be a chaotic shambles where no one really takes overall responsibility, coordination breaks down and massive gaping gaps are left open for cyber attackers to exploit.
- Is the government right to try to scoop it all up under the jurisdiction of one centralised centre? This seems like a good idea on the surface, but will having one central agency like this ultimately lead to bureaucratic inefficiency? In fact, is this even really viable as an idea, or will the other entities – particularly within the private sector - continue to flourish at such a rate that the centre will quickly become all but obsolescent?