The funding commitment, which is less than the £1bn reported last week, is contained in the Strategic Defence and Security Review, which calls for a major overhaul of the UK’s defense policy and budget. The review follows closely on the heels of the National Security Policy, which outlined the UK’s broad national security threats and objectives.
Through the National Cyber Security Programme, the UK government will overhaul its approach to tackling cyber crime by creating a single point of contact where business and the public can report cyber crime and by introducing a program to educate the public about cyber threats. The Home Office intends to publish a new National Cyber Crime Strategy later this year.
The UK government will also address deficiencies in the country’s ability to detect and defend against cyber attacks from terrorists, states, and other hostile actors. This will include improving the delivery of cyber products and services to industry and increasing investment in national intelligence capabilities.
A new organization, the UK Defence Cyber Operations Group, will be set up within the Ministry of Defence (MOD) to “ensure the coherent integration of cyber activities across the spectrum of defence operations. This will give MOD a significantly focused approach to cyber, by ensuring the resilience of our vital networks and by placing cyber at the heart of defence operations.”
The UK government will also work with industry to address weaknesses in cybersecurity defense of critical infrastructure. This initiative includes setting up a new cyber infrastructure team within the Department of Business, Innovation and Skills. The government will also sponsor long-term cyber security research, working with the Research Councils and the private sector.
The defense review also calls for greater cooperation in cybersecurity defense with the United States and other “like-minded nations.” This will include a comprehensive UK-US memorandum of understanding to expand the sharing of information between the two countries and the joint conduct of operations in the cyber domain.
In addition, a new Cyber Security Strategy will be developed to incorporate these changes in a broader strategic concept, which is expected to be published in the spring of 2011.
The National Cyber Security Programme will be overseen and implemented by a new management office in the existing Office of Cyber Security and Information Assurance within the Cabinet Office.