Member Article

Justifying value for money in anti-cyber crime measures

The estimated annual cost of UK cybercrime will be between £18bn-£27bn, but Government spending on cyber security strategy will be challenging to justify.

According to a report from the National Audit Office (NAO), there will be difficulties in establishing value for money of the strategy, as if cyber attacks do not occur, it is hard to determine whether the strategy was at work.

The NAO suggest it will be hard to assign an overall value to the outcome of the strategy to set against its cost.

The UK Cyber Security Strategy, published in November 2011 set out how the Government planned to deliver the National Cyber Security Programme through to 2015, committing £650m of additional funding.

So far, the Serious Organised Crime Agency has prevented a potential loss of more than £500m, through the rescue of more than 2.3m items of compromised card payment details.

David Emm, senior security researcher at Kaspersky Lab, commented: “The government is keen to get the message out to businesses that they need to take cyber security seriously, using the expertise of GCHQ to engage with businesses.

“The launch of the GCHQ scheme encompasses threats to the Government’s own systems, but also the ‘critical infrastructure’ run by private companies. Initiatives to broaden the awareness of cybercrime must continue as targeted attacks are increasing.

“Organisations of all kinds and sizes need to understand that they have valuable data that is valuable to cybercriminals.”

The NAO’s report also says more skilled workers are needed in the fight against cyber crime.

Margaret Hodge MP, Chair of the Committee of Public Accounts, said: “Safe and secure use of the internet is increasingly essential for UK businesses to flourish and for our society to function. The value of the UK’s internet-based economy stood at an estimated £121 billion in 2010, some 8 per cent of the UK’s GDP, which is a greater share than for any other G20 country.

“The use of the internet for commerce and communication is a force for good, but it also poses new and growing threats that government, businesses and individuals cannot ignore. With around 80 per cent of the internet in private hands, crossing international boundaries and spanning different jurisdictions, the government cannot approach internet security in isolation.

“Having a robust and well thought-through strategy is crucial if the government is to respond effectively to cyber threats.

“This report stresses that government must work hand-in-glove with people and businesses in order to build awareness, knowledge and skills. With this government committing £650 million additional funding to cyber security, my committee will want to ask how the action of the fifteen government organisations involved in delivering the strategy is being properly coordinated and what progress has been made.”

This was posted in Bdaily's Members' News section by Tom Keighley .