It is no surprise that the government now has cyber threats at the top tier of its national security issues. Cyber crime costs the country billions of pounds a year and attacks can damage the critical national infrastructure.
But there is an opportunity in the face of the threat. One of the big themes to emerge at the Westminster Briefing/Dods Cyber Security Forum in London this week was that developing successful cyber security solutions can open new lines of business at home and overseas to provide a boost for the UK economy.
The national bill for cyber crime is at least £27 billion a year – an estimate from information assurance specialist Detica that was cited by Lee Miles, deputy head of the National Cyber Crime Unit.
He warned this could easily increase as new opportunities arise for the criminals. These can come in the form of the online services around government programmes such as Universal Credit, the increasing take-up of cloud services, and the emergence of the new IPv6 generation of internet addresses. These will create uncertainties among consumers and business which criminals will look to exploit.
Threats also emerge from denial of service attacks that can disrupt vital operations for the public and private sectors. Rhys Bowen, deputy director for cyber security and information at the Cabinet Office, highlighted the example of attacks on the Environment Agency website during heavy flooding, an episode that caused concerns at the top of government.
There is a clear imperative in dealing with these threats, both for individual businesses and on a national scale. It is a business problem, not a technical one, and it disproportionately hits the small and medium enterprises which can seed economic growth.
But cyber security takes on a further importance when you consider what the solutions can add to, as well as saving for, the economy. The Department for Business, Innovation and Skills has estimated that the relevant products and services contributed £2.8 billion to the UK economy in 2013, and this will rise to £3.4 billion by 2017.
This relatively modest growth is based on existing capabilities. IT industry association TechUK is carrying out a number of initiatives to support these through its Cyber Growth Partnership and is planning to provide export guidance and more support for SMEs in the field.
The question is whether it is possible the build on that. Cyber threats continue to grow and the demand for solutions and services is bound to increase, which means the providers are looking at an expanding market. They can feed in-house capabilities and provide services, and if they prove their expertise they have the potential for a big export market. It could provide a boost for the national economy.
The big constraint, however, is in the existing skills base. According to Stephanie Daman, chief executive officer of Cyber Security Challenge, there is already a skills gap in the sector. "If we want to strengthen our capabilities and realise all the opportunities in this space we need a lot more cyber security professionals," she said.
It is partly a symptom of the decline of IT teaching in schools, as not enough young people are coming through the core skills, but also the fact that some who have them have not been giving much thought to cyber security as a career. Daman said this is where it needs the type of encouragement that Cyber Security Challenge is trying to provide through its series of projects.
"Cyber security is about creativity and innovation," she said. "It’s about what you can put together to achieve what you want to achieve."
Such efforts can produce results in the medium term, but longer term the UK is only going to meet the rising demand for cyber security specialists with the right options in schools and universities. If the government and the industry gets it right it could stave off the threats and exploit the opportunities over the long term.