What the National Cyber Security Strategy means for your business

In January this year, the Government announced it was investing £2.6 billion in cyber over three years as part of the Government Cyber Security Strategy.

The aim of the Strategy is that Government functions will be ‘significantly hardened’ to cyber attack by 2025 – with important implications for companies working with Government. 

The new strategy comes against a background of increasing attacks on public services – with the Government highlighting ransomware and phishing attacks against the NHS.

The Government’s Active Cyber Defence took down 2.3 million malicious campaigns, including 442 phishing campaigns using NHS branding, and even fake NHS apps.

The Government points out working from home has offered cybercriminals new ways to attack Government organisations and companies which work with them. 

‘We need to act. Our core government functions, from the delivery of public services, to the operation of National Security apparatus, must be more resilient than ever before to cyber attacks.’

Chancellor of the Duchy of Lancaster Steve Barclay

A key part of the National Cyber Security Strategy is the Network and Information Systems (NIS) regulations.

These aim to boost the cyber security of systems that are critical for the provision of digital services and essential services such as transport, energy, water and health. 

This year’s Cyber Strategy says that cyber risks to UK critical national infrastructure should be ‘more effectively managed’, saying, ‘For Operators of Essential Services designated under the NIS regulations this means at least meeting the baseline standard set by the relevant Competent Authorities for each sector.’

Britain’s National Cyber Security Centre offers an introduction to the NIS regulations here

What this means is that if your business is in the critical sectors of financial services, health, water, energy, transport and telecommunications you will be required to assess your risks and ensure that appropriate controls are in place.

Stratia Cyber can help

As a founding National Cyber Security Centre (NCSC) Certified Cyber Security Consultancy, Stratia Cyber meets the NCSC’s standards for high-quality tailored cybersecurity advice. 

For companies working in sectors such as energy, Stratia Cyber also has the specific skills and experience with the Industrial Control Systems (ICS).

Contact us for more information.