According to a recent document produced by Bridewell Consulting, 86 percent of critical national infrastructure organisations located in the Great Britain have been subject to cyberattacks, which the attacks directed towards their day-to-day technology and main control systems. The trend over the past 12 months has seen attacks increasing. This is a trend that is not only confined to the U.K; it is also seeing replication worldwide.
When looked at alongside other issues such as smaller budgets and legacy infrastructure, this news becomes more worrying for system cybersecurity. One reason for the growing array of security issues and impacted organizations is perhaps due to a lack of control, assessment or understanding of the supply chain.
Steve Forbes, who is a Cyber Security Expert working at Nominet, tells Digital Journal that while the attacks are disturbing they were predictable.
Forbes states: “It is problematic that the number of cyberattacks on critical infrastructure is so high. When combined with an expanded level of vulnerability due to tightening budgets and increasingly out-dated legacy infrastructure, the report becomes even more concerning and this help to make the case for change in how we approach critical national infrastructure cybersecurity.”
Can more be done? Yes, according to Forbes: “With so much achieved with large-scale deployments such as the UK’s National Cyber Security Centre, which operates ‘Active Cyber Defence’ across the British public sector, the issue raises the issue of whether we need further collaboration and more extensive protections that build more cyber robustness across our most critical industries.”
With robustness, too much of industry is consumed in digitalization, the human factor, awareness, and the procedures. This means the importance of enabling sufficient time for system maintenance and for enhancing cybersecurity become important business aspects that tend to get overlooked.
Partnership working is needed in order to deliver, Forbes proposes: “Critical national infrastructure agencies, government and the cyber industry should collaborate with a clear focus on large scale interventions that create long-term change towards a more cyber secure nation, rather than relying on small incremental upgrades that relatively have much less impact. Ultimately, it’s only with this view to the future, can we sure up the resilience of UK cyber security for UK citizens.”
