Science academy calls for public bodies to be benchmarked on cybersecurity

Written by Rebecca Hill on 13 July 2016 in News

Government departments should measure themselves against rigorous, evidence-based cybersecurity standards, the UK’s national academy of science has said.

Science academy asks government bodies to measure themselves against set of standards - Photo credit: Pixabay

In a report on cybersecurity, the Royal Society set out a number of recommendations for government to improve the UK’s resilience to cyber threats and increase public trust.

It said that the UK needed to “reinforce and build on [its] strong digital foundations”, but that in order to do so it needed to create a “trustworthy, resilient and self-improving digital environment”.

The society said that this resilient digital environment would need to be governed by “institutions that are transparent, expert and have a clear and widely-understood remit”.

One step towards this, it said, was to create a kitemark or certification mark for digital products and services, so that consumers can judge its trustworthiness.

This should be accompanied by stronger, evidence-based standards for cybersecurity, which all publicly listed companies and public bodies – including government departments – should be measured against.

Related content

Councils must not be 'weak link' in cyber security, Whitehall told
MoD searches for hidden cyber security skills

There should also be better review processes for evaluating privacy presentation methods, and government should encourage organisations to report attacks and vulnerabilities to a coordinating body.

In addition, the report said that the government should work to create more incentives for improving security. However, it added that these should be light touch and fit in with commercial incentives so as to “preserve the agility and responsiveness” of the digital sector.

The society also called on the government to commission an independent review into the UK’s future cybersecurity needs, which must look at the institutional structures needed to support resilient and trustworthy digital systems.

This review will need to take into account the work and future of the National Cyber Security Centre, which was announced in November 2015 and will work with industry and academia. 

The society said that the centre was a “helpful and important step” in improving the UK’s institutional arrangements for cybersecurity because it would make it more open and collaborative.

However, the report said that having the centre reporting to GCHQ is “unlikely to be ideal” in the long-run, arguing that digital systems will become increasingly embedded across society and an increasingly large proportion of uses will be commercial and personal in the future.

As such, the society said that the review should look five to 10 years into the future and aim to develop future governance arrangements that better reflect the distribution of cyber threat across society.

Share this page




Please login to post a comment or register for a free account.

Related Articles

Government urged to commit to devolution to drive innovation and levelling-up
29 June 2022

Think tank report identifies benefits of city mayors, but finds many local officials are frustrated with current interactions with Whitehall

Ex-Whitehall top dog to join board of defence and security firm
27 June 2022

Former cabinet secretary Mark Sedwill has landed a non-executive role at BAE Systems

10 Downing St offers over £100k for data science whizz
23 June 2022

Prime minister’s in-house data science unit seeks senior manager to deliver ‘high-impact’ initiatives 

Parliament to delete data on MPs’ attendance after ministers decry FOI release
22 June 2022

Senior parliamentarians are understood to have complained about the storage and release of information collected from use of security passes