The Government is advising businesses to step-up their security against cyber threats and to help ramp-up their resources they've enlisted the services of GCHQs top spooks.
According to the Department for Business Innovation and Skills (BIS), currently, too few company chief executives and chairs take a direct interest in protecting their businesses from cyber threats. So to improve matters, the Government and intelligence agencies are directly targeting the most senior levels in the UK's largest companies – company boards, their Chairs and Chief Executive Officers - and providing them with advice on cyber security threats.
Article continues below
To kick things off the BIS and Government Communications Headquarters (GCHQ), have launched a new initiative the Cyber Security Guidance for Business which looks at how to safeguard a company's most valuable assets, such as personal data, online services and intellectual property.
Foreign Secretary William Hague, as Minister responsible for GCHQ, explained the reasoning behind the initiative:
"A networked world brings many advantages. But cyberspace – and cybercrime – knows no borders. Businesses must be alert to the dangers. Drawing on GCHQ's experience and working with industry the Government is committed to helping reduce vulnerability to attacks and ensure that the UK is the safest place in the world to do business."
However the guidance isn't enough according to Les Clifford, Assurance Audit Partner at Ernst & Young, who thinks the Government should be concentrating on more long-term goals.
"Although Cyber Security for Business is an appropriate short-term solution, within the UK we have a significant shortage of skilled workers in this field when compared to our international counterparts. Urgent action is required to tackle this to ensure that UK based companies can continue to defend themselves against these growing threats."
Adding, "In our most recent Global Information Security Survey of 1,700 organisations, less than half (49%) of respondents stated that their information security function is meeting the needs of the organisation. Specifically in the UK, the main reason cited by respondents for this is a lack of skilled resources (23% in the UK, compared to 13% globally)."
However, perhaps the Government should clean it's own act up before it attempts to get businesses to fix theirs. The August 2012 monthly survey of secure websites by Netcraft shows there are 1,300 websites - of which one is a UK Government website - still using SSL certificates signed using the MD5 digest algorithm some four years after the certificate was found to be cryptographically weak, oops.