UK parliament members have warned that the confidence in the country’s ability to deal with cyber attacks is being dampened by its “chaotic” approach in handling personal data breaches. A shortage of cyber skills is also undermining confidence, MPs said in a report.
The Public Accounts Committee (PAC) warns that the threats to cyber security are growing rapidly and government faces “a real struggle” to put in place required staff with the skills to prevent them.
“The UK’s chronic cyber skills crisis presents significant challenges for both government and for businesses when it comes to resourcing tech talent to tackle the rising tide of attacks,” said Peter Carlisle at Thales e-Security.
READ: ‘Weaponising missinformation’ to destabilise the West – UK Defense Secretary Sir Michael Fallon warns of Russian hacking
“That’s why it’s vital that the public sector works closely with industry through organisations such as the National Cyber Security Centre to develop stronger processes around data security and ensure the next generation are properly trained with the necessary cyber skills.”
The Committee said that cyber attack threats have been one of the top four risks to UK security since 2010. The government, however, has taken too long to consolidate and coordinate the ‘alphabet soup’ of agencies that protect Britain.
According to the PAC, the processes of the government departments to record departmental personal data breaches are inconsistent and dysfunctional. Low-level breaches have also been poorly recorded
The MPs added that the poor recording processes undermine the confidence in the ability of the Cabinet Office to protect the nation from higher-threat cyber attacks.
PAC Chair and MP Meg Hillier said: “Government has a vital role to play in cyber security across society but it needs to raise its game.
“Its approach to handling personal data breaches has been chaotic and does not inspire confidence in its ability to take swift, coordinated and effective action in the face of higher-threat attacks.”
The Committee calls for the Cabinet Office to develop a detailed plan for the new National Cyber Security Centre (NCSC) by the end of the current financial year.
Cyber attacks on Tesco, Sage, and TalkTalk have recently highlighted the challenges in fighting data breaches.
In November last year, Tesco Bank disclosed that around 20,000 customers had lost money and a further 20,000 had fallen victim to suspected “online criminal activity”.
Similarly, in an attack on TalkTalk in 2015, hackers stole names, email addresses and phone numbers of more than 157,000 customers of the company.
PAC added: “The use of the internet for cyber crime is evolving fast and the government faces a real struggle to find enough public sector employees with the skills to match the pace of change.”