The threat from cyber attacks appears to be steadily increasing. The WannaCry cyber attack in May 2017 was the most extensive ransomware attack to date. It severely affected the NHS and led to many tough questions about cyber security in public institutions and across government.
In light of growing challenges, this policy promises to strengthen cyber security standards in government and public services.
Since the election in June 2017, the government has stepped up its implementation of the National Cyber Security Strategy (NCSS). Three areas are of particular relevance for this policy:
- Securing cyber resilience in health and care. This programme has multiple strands and aims to increase the NHS’s resilience to cyber attacks, protecting patient data and patient care.
- Local Government Association cyber resilience funded programme. Supported by the Cabinet Office, this programme invites councils to present bids for funding to address issues raised by their cyber security stocktake.
- Minimum cyber security standard protocol for government departments. This outlines the minimum security measures government departments must implement to meet their obligations under the NCSS.
Taken collectively, these initiatives demonstrate a commitment to fulfilling this manifesto pledge, so we’re marking this as ‘in progress’. With technology and cyber threats developing rapidly, ensuring that all public services “follow the most up to date cyber security techniques” is a huge challenge – using that as the benchmark, it seems unlikely this policy can ever be moved to ‘done’. We’ll keep monitoring and will consult with independent experts on whether the government has achieved its objective. Follow this policy for updates.
Strengthen your understanding, get the details
- Cyber attacks – National Cyber Security Centre
- Massive ransomware infection hits computers in 99 countries – BBC News
- Investigation: WannaCry cyber attack and the NHS – National Audit Office
- National Cyber Security Strategy 2016-2021 – Gov.uk
- Securing cyber resilience in health and care – Gov.uk
- LGA – Cyber resilience funded programme 2018/19 – Local Government Association
- Minimum Cyber Security Standard – Gov.uk
- Your Data: Better Security, Better Choice, Better Care – Gov.uk