The news that the UK government is to invest £1.9 billion in new automated cybersecurity defences is a welcome and logical one considering the threat landscape and increased proficiency and professionalism of threat actors.
The Chancellor Philip Hammond's announcement in London last week clearly shows the intention for the UK Government, like most major governments around the world, to get more 'serious' about cybersecurity and defending public institutions and ministries.
We all know that cybersecurity is an increasing threat to all governments, businesses and of course ordinary people going about their lives and utilizing the Internet.
This cyber threat is only growing as hacktivists, state sponsored hackers and of course revenue-focused cybercriminals look to exploit any sign of weakness in our cybersecurity. Just last week a report into the US election concluded that it had been one of the most 'cyber attacked' elections ever with many actors trying to influence the final result, or simply exploit the election for their own ends.
Clearly cyber attackers have their sights firmly set on everything we do online these days and that requires us, as citizens, business people and government representatives to take a different view of cybersecurity.
The money announced by Mr Hammond will be used to improve automated defences to safeguard citizens and businesses, support the cybersecurity industry and deter attacks from criminals and "hostile actors".
But what is interesting to me especially is the move towards increased automation of the process in defending Government. Such is the scale of attacks globally, it is critical that defenders are able to prioritise the most important and focus their resources to the most critical or pressing incident. Automation and intelligence goes hand in hand to help focus the efforts to maximize the results.
Likewise it is going to be critical to be able to quickly identify and take down websites impersonating government departments but which might play host to malware; malvertising; and even ransomware, as well as crack down on spoof email accounts used in fraud cases.
Again, cyber threat intelligence and cyber situational awareness it critical here to ensuring that the hard pressed security teams in government and business can target on the most pressing or critical attack, and so ensure that services remain operational and the impact of such attacks is minimised.Suggest a correction