Hacked Companies ‘Should Go Public’, Says Ex-Minister

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.techweekeurope.co.uk/security/cyberwar/liam-fox-uk-government-security-183555

Former defence secretary Liam Fox also calls for new government investment
in cybersecurity protection

Companies who have suffered a cyber-attack or data breach should be
encourage to go public with the news in order to keep customers and
shareholders properly informed, Liam Fox, former defence secretary has said.


In a speech to the defence and security think tank the Royal United
Services Institute (RUSI), Fox argued the government needs to change the
law to make it illegal to be hacked without informing shareholders and
other stakeholders.

“Any organisation that does business with government should have a minimum
defined level of cyber security or they will be excluded from government
contracts,” Fox proposed.

He also called for cyber security to fall under the remit of a single
government minister as part of an increased focus on the damage online
attacks can have of businesses of all sizes.

Keep safe


Fox, who was Defence Secretary during a period of intense cost-cutting and
downsizing of Britain’s armed forces, called for the UK “to develop proper
cyber doctrine in the way that we did in the emergence of the nuclear era.”

He also warned that the growing global cyber threat “may mean that we will
have to disinvest in some of the things that we can see, our traditional
military capabilities, so that we can invest in things that we cannot see,
ie cyber capabilities.”

These actions will help protect the UK against the growing threats of cyber
warfare, Fox believes, noting that, “terror groups have been increasingly
involved in projects to make drones ineffective or, worse, to turn them
around and send them back to return fire on their senders.”

“Although we talk about cybercrime, cyber espionage, and cyber warfare as
being separate entities they are in fact part of a continuum.”

Taking charge

Fox also recommended that centralising responsibility for cybersecurity
precautions to a single government minister may help to focus efforts to
keep Britain safe.

“I would like to see all government cyber activity, including both its
offensive and defensive capabilities concentrated in one place and
answerable to a single ministerial portfolio,” he said.

Responsibility for cybersecurity currently falls under the remit of several
government department spending on the issue at hand, with the Ministry of
Defence, Cabinet Office, the Foreign Office and Department of Culture,
Media and Sport all having stepped up recently.

Fox’s views were welcomed by the technology industry, which highlighted the
importance of increased industry collaboration between enterprises,
government and law enforcement to help mitigate risk.

“The persistence and complexity of cybercriminal activity today has meant
that it is no longer a case of if businesses will be targeted but when,”
commented Terry Greer-King, director of cybersecurity at Cisco UK.

“Given the extent of the issue, businesses of all sizes need greater
awareness of the current threat landscape to ensure they are best prepared
to protect against the risks, therefore we welcome the call for greater
disclosure around the number and severity of hacks taking place.
Collaboration between enterprises, government and law enforcement is vital
to allow for efficient detection and remediation of cybercriminal activity.”

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Need access to data breach details or alerts when new breaches happen? Risk Based Security's Cyber Risk Analytics 
portal, fueled by the RBS breach research team, provides detailed information on how data breaches occur and which 
vendors to trust. Contact us today for a demo.