A report by PWC on the Global State of Information Security Survey identified that 2014 saw a 48% increase of security incidents over 2013, with the resulting financial loss increasing by an average of 34%. In the United States, President Obama called cyber threats from overseas a ‘national emergency’; and the UK Department of Business Innovation & Skills reported that 81% of large organisations experienced a security breach.
According to Natalie Black, director of the UK Office of Cyber Security and Information Assurance, it is not all doom and gloom as there has been more international coordination on cyber threats. Black notes that cyber security is now being taken more seriously and it is “fundamental to [the] effective functioning of society”, and that “we should welcome the opportunity to collaborate”.
The success of a number of international cyber security initiatives in the past year has already demonstrated the positive impact cross-border collaboration can have. For example, a recent collaboration involving five U.S. federal agencies, the UK, 11 other governments, and 13 private-sector companies, was able to take down GameOver Zeus botnet, a network mechanism designed to steal banking credentials from infected computers. Furthermore, in December last year, Europol, ICE, Homeland Security and other law enforcement agencies joined forces to seize nearly 300 domain names that were selling counterfeit merchandise.
These are just a couple of isolated examples, but a strong cyber security relationship is developing between the UK and the United States. The Fulbright Cyber Security Awards, a bi national, trans-Atlantic academic awards programme between the UK and the United States offering research scholarships, and the Cyber Security Challenge Schools Programme, aimed at inspiring future cyber security professionals, have both been introduced to develop talent to deal with cyber threats and harmonise the efforts of both governments. Indeed, David Cameron’s visit to Washington, D.C., to plan a joint ‘cyber cell’, further highlights this commitment.
Cybercrime is not limited by borders, so neither should cyber security be. The multinational nature of business now means this threat cannot be dealt with on a country-by-country basis, so by working with other countries, the UK hopes to be able to deal more effectively with the cyber threat and protect its industries. With eight out of 10 of the largest British companies having suffered serious cyber-attacks, let’s hope these relationships have the desired effect.