Science academy calls for public bodies to be benchmarked on cybersecurity
Government departments should measure themselves against rigorous, evidence-based cybersecurity standards, the UK’s national academy of science has said.
Science academy asks government bodies to measure themselves against set of standards - Photo credit: Pixabay
In a report on cybersecurity, the Royal Society set out a number of recommendations for government to improve the UK’s resilience to cyber threats and increase public trust.
It said that the UK needed to “reinforce and build on [its] strong digital foundations”, but that in order to do so it needed to create a “trustworthy, resilient and self-improving digital environment”.
The society said that this resilient digital environment would need to be governed by “institutions that are transparent, expert and have a clear and widely-understood remit”.
One step towards this, it said, was to create a kitemark or certification mark for digital products and services, so that consumers can judge its trustworthiness.
This should be accompanied by stronger, evidence-based standards for cybersecurity, which all publicly listed companies and public bodies – including government departments – should be measured against.
There should also be better review processes for evaluating privacy presentation methods, and government should encourage organisations to report attacks and vulnerabilities to a coordinating body.
In addition, the report said that the government should work to create more incentives for improving security. However, it added that these should be light touch and fit in with commercial incentives so as to “preserve the agility and responsiveness” of the digital sector.
The society also called on the government to commission an independent review into the UK’s future cybersecurity needs, which must look at the institutional structures needed to support resilient and trustworthy digital systems.
This review will need to take into account the work and future of the National Cyber Security Centre, which was announced in November 2015 and will work with industry and academia.
The society said that the centre was a “helpful and important step” in improving the UK’s institutional arrangements for cybersecurity because it would make it more open and collaborative.
However, the report said that having the centre reporting to GCHQ is “unlikely to be ideal” in the long-run, arguing that digital systems will become increasingly embedded across society and an increasingly large proportion of uses will be commercial and personal in the future.
As such, the society said that the review should look five to 10 years into the future and aim to develop future governance arrangements that better reflect the distribution of cyber threat across society.
Campaign groups Foxglove and The Citizens to launch court case in two weeks if practice is not stopped
Report identifies delays in accessing information to alert those that needed to shield as chief auditor points to ‘challenges posed by legacy data and IT systems’
With the Online Safety Bill now published, former police superintendent Iain Donnelly writes for PublicTechnology on the challenges that need to be overcome in order to ensure the law’s...
Annual Civil Service People Survey also shows rise in pay satisfaction
PublicTechnology talks to Salesforce about why police forces need to adopt new omnichannel capabilities, offer the public channel choice and the benefits of doing so
It’s been one of the most challenging years for healthcare providers, but Salesforce sees lasting change from accelerated digital transformation
Cloud-based applications can provide ways for agencies and departments to innovate and operate in new ways, as the past year has highlighted they must, writes Oracle