Government 'timid and slow' on cybersecurity

security key

The internet is a major weak point for national security despite its increasing importance to citizens and business, according to a new report, which claimed the current government is "too timid and slow" on cybersecurity.

The Institute for Public Policy Research (IPPR) today released its all party Commission on National Security, which highlighted online security issues.

It called on government to get involved in cybersecurity, by working with IT professionals, noting that a month-long internet outage in Europe could cost 150 billion.

"Government should facilitate the creation of the cyber equivalent of Neighbourhood Watch', by engaging positively with the law-abiding technical community (systems administrators, internet service providers, white-hat' or ethical' hackers and others) to enlist their help in securing important systems and networks," the report said.

The report also called for the creation of global cybersecurity body, to add to the work of the European Network and Information Security Agency. The UK recently followed the US in creating a national cybersecurity agency.

But security shouldn't just focus on web issues, the report noted. It also said the government should support the creation of security software as well as better secure existing software.

Business demands

It's not just about government taking action, however. The report said businesses both large and small need to better understand the importance of resilience in their networks.

"Beyond regulation, we believe business itself needs to invest in the resilience of both its assets and its people to optimise its own self-sufficiency and continuity in emergency situations," it said.

"This means enhancing markets in resilience-related services, an impossible task without first addressing current information failures that prevent companies from appreciating the competitive advantage additional resilience could offer," the report added.

It noted that many businesses especially smaller ones don't understand that power outages and network failures could hurt their company.

"Business customers need to understand how to ask the right questions about the resilience of the essential services on which their businesses depend. Infrastructure providers need to offer a range of different levels of resilience alongside a range of different service costs," the report said.

"For many this might open up whole new areas of profitable premium service, yet still save money overall for their customers," it added. "Given the critical importance of communications and the proliferation of mobile phones, a more resilient mobile communications service would seem to be a no brainer'."

The IPPR report also examined other national security issues, including energy and defence.