As the British Embassy in Washington's first ever dedicated cyber policy advisor, I can personally attest to the priority the UK attaches to cyber policy and its importance to the UK/US relationship. Despite a challenging fiscal situation, the current government has committed over a billion dollars of new funding to an office set up to promote cyber security. Like our American counterparts, we recognise that strong policy in this area is both a national security priority and an essential enabler of economic growth. In a thoroughly networked world, continued collaboration with key allies remains crucial.
Last week, the UK Government published a progress report, one year on from its landmark Cyber Security Strategy, and outlined its plans for the coming year. The strategy focuses on both the challenges and opportunities in this field: supporting e-commerce and advancing capabilities to detect and defeat threats, but also helping to create and support, through international dialogue, an open, secure and vibrant cyberspace.
We are capitalising on the lessons learned from the Olympics. London 2012 was the first truly digital Games, and the experience underlined the importance of partnership with industry, as Government worked hand in hand with the private sector to combat and successfully avert potential cyber threats. My previous boss, Francis Maude, the UK Minister with oversight of the Cyber Security Strategy, recently hailed our "unprecedented partnerships with the private sector and academia," which "continue to improve awareness, skills and capability."
We need to develop and spread best practice, encourage the right market structures, and provide businesses and individuals with incentives and tools to manage cyber risk. In the last year, the Government has issued a range of supporting advice to help industry, including a list of the top twenty critical security controls for cyber defence and new Cyber Security Guidance for Business, launched in September at a meeting attended by the CEOs and Chairmen of prominent FTSE 100 companies. It has also begun a Cyber Incident Response pilot to provide organisations with access to companies certified to help them respond effectively to cyber security attacks.
In the coming year, the UK intends to establish the first UK national CERT (Computer Emergency Response Team) to co-ordinate the national response to cyber incidents. We are also set to introduce the new 'UK CISP' (Cyber Information Sharing Partnership), which will provide a confidential environment for industry and government to share information about cyber threats.
In addition, we will continue developing standards to allow consumers to identify those businesses with good 'cyber hygiene' and use that knowledge to make decisions about which products and services to buy. An annual Information Security Breaches Survey will show how industry is responding to cyber security threats and allow firms to assess their own performance against their peers' in order to drive up standards across the board.
Continued exchange of ideas between the UK, the US and our allies around the world will be essential to ensuring that the economic and social benefits of cyberspace are protected and available to all. For the first time, the UK has run its Get Safe Online public awareness initiative in parallel with the US, Canada and the EU. We are working with business and international law enforcement partners to identify, prevent, disrupt and investigate cyber crime and the development of the UK funded Cyber-Security Capacity-Building Centre will enable industry to bolster these initiatives and help raise cyber security levels globally.
There is still much work to do; but the UK's efforts continue apace--in close cooperation, as ever, with our US partners.
Follow Victoria Woodbine on Twitter: www.twitter.com/UKinUSA