Critical infrastructureU.K. gives cyber agency enhanced role in critical infrastructure protection

Published 9 March 2011

The U.K government is set to expand the role of the Government Communications Headquarters (GCHQ) in protecting the critical national infrastructure (CNI) from cyber attack by giving it greater powers to collaborate with the relevant private sector bodies to monitor and deflect potential threats

The U.K government is set to expand the role of the Government Communications Headquarters (GCHQ) in protecting the critical national infrastructure (CNI) from cyber attack by giving it greater powers to collaborate with the relevant private sector bodies to monitor and deflect potential threats.

The Daily Telegraph reported that David Cameron last month summoned key CNI firms, including British Airways, BT, and National Grid, to discuss the plans.

V3 reports that the aim appears to be to expand the role of the Cyber Security Operations Center which currently works out of GCHQ, although security minister Baroness Neville-Jones told the paper that the plan had yet to get “buy-in” from all the relevant CNI companies.

What we need is greater situational awareness,” she reportedly said.

A BT spokesperson was quick to play up the firm’s ongoing cyber security work with the government.

Having been dedicated to addressing cyber security for many years, we have invested heavily in research and

development to understand the threats, and have built cyber resilience into our networks and services in the interests of our public and private sector customers,” said the spokesperson.

We already manage security solutions across the U.K.’s CNI and we will be collaborating with the government to share our expertise in protecting the U.K. against all cyber threats.”

Greater collaboration of this sort has been called for time and again by security experts, who see it as a vital part of protecting CNI from cyber attack.

A report from McAfee last year warned that attacks on critical infrastructure IT systems are widespread and growing in frequency, and could cost over $6 million (£3.7 million) a day on average.

In addition, a report from the Royal Academy of Engineering today warned that the U.K.’s critical infrastructure is too reliant on GPS technology, and could therefore be at risk of attack from cyber criminals.

Presumably some of the £650 million pledged by the government over the next four years to enhance its cyber security capabilities will go towards the reported plans.

So far just £63 million of that pot has been allocated towards cyber crime policing.