The government has not done enough to protect the UK from the growing risk of cyber attacks, MPs have warned.
The influential Public Accounts Committee (PAC) today published a report criticising the government for not making sufficient progress in its cybersecurity strategy.
The PAC said the UK’s plan for fending off cyber attacks had been hampered by the lack of a robust evidence base to make informed decisions.
The report criticised the Cabinet Office, which is in charge of the UK’s cybersecurity strategy, for failing to develop a business case for its programme, adding it could not justify the £1.9bn funding required over the five-year plan.
In addition, the MPs said it was not clear what the strategy will actually deliver by 2021, and urged the government to clarify its aims when it publishes a costed plan later this year.
“We welcome the National Cyber Security Strategy but are concerned that the programme designed to deliver it is insufficient,” said PAC chair Meg Hillier.
“In the interest of national security, the Cabinet Office needs to take a long-term approach to protecting against the risk of cyber-attacks. Future plans should be based on strong evidence, business cases should be rigorously-costed to ensure value for money, and strategic outcomes and objectives should be clearly defined.”
Warning that the UK is more vulnerable than ever to cyber attacks, the PAC also called on the government to do more to enhance cybersecurity throughout the economy, and to make sure consumers’ data is adequately protected.
“The UK is safer since the launch of our cyber strategy in 2015,” a Cabinet Office spokesperson said.
“We have set up the world-leading National Cyber Security Centre, taken down 140,000 scam websites in the last year, and across government have helped over a million organisations become more secure.”