Cyber security is a top tier national security priority for the UK Government, said the authorities after a February 5 meeting hosted by the Lib Dem business minister Vince Cable.
The summit, the first of its kind, brought together regulators for the financial, water, energy, communications and transport sectors with ministers and senior officials from the security and intelligence agencies to discuss working to address cyber threats to essential services. The group was briefed on the cyber threat and on the role already being played by the Bank of England and OFCOM, before agreeing common actions.
Vince Cable said: “Cyber attacks are a serious and growing threat to British businesses, but it is particularly important that those industries providing essential services such as power, telecommunications and banking are adequately protected to avoid disruption to our everyday lives. We can only achieve this objective through a partnership between government, the regulators and industry. Today’s event marks the next step in highlighting the important role of the regulators in overseeing the adoption of robust cyber security measures by the companies that supply these crucial services.”
Andrew Bailey, Deputy Governor Prudential Regulation, Bank of England and CEO of the Prudential Regulation Authority said it is essential for financial stability that the UK financial system and its infrastructure continues to work towards improving its ability to withstand cyber-attacks. Hence the Bank of England published the findings of Waking Shark II, an exercise which tested the response of the wholesale banking sector to a simulated cyber-attack.
Andrew Bailey said: “Today’s meeting is an important opportunity, bringing government and regulators together, in partnership, to discuss the nature and extent of cyber threats to their respective sectors. The role that regulators such as the Bank of England and OFCOM are already taking to embed cyber security in their sectors is vital, as set out in a joint communique outlining steps that government and regulators agree to undertake to help manage cyber risk across each sector.”
The joint communique outlines steps that government and regulators agree to undertake, such as:
exercises to test procedures and resilience (similar to the Waking Shark I and II exercises conducted by the financial sector)
the adoption of security standards and auditing against best practice such as Ten Steps to Cyber Security
information sharing through initiatives such as the CISP (Cyber Security Information Sharing Partnership) launched in March 2013.
