New law to tackle cybercrime threat
IN one respect, being Security Minister is quite a simple job: keep Britain safe. Of course, that clarity marks a complexity of the challenges we face from terrorism and state threats to organised crime and distributed attacks. It is in the cyber world that the UK faces some of its sternest tests.
A quick look at the basic figures is enough to bring home the scale and severity of the issue we face.
New findings from the Cyber Security Breaches Survey show that 32 per cent of businesses experienced at least one cyber breach in the last 12 months.
This year, for the first time, the survey also tells us how many of these breaches resulted in a cybercrime being committed.
We can now estimate that 11 per cent of businesses were victim to at least one cybercrime. That cost each of them around £15,000 in the past year.
We must never lose sight of the fact that behind each of these online statistics is a real-world victim.
Each is a grandparent defrauded, and stripped of their savings. Each is a small business held to ransom, and jobs lost. Each is public money stolen, and the taxpayer short-changed.
The cyber-threat doesn’t just come from criminals. The ongoing war in Ukraine is a constant reminder of the threat we face from hostile actors. Russia has been trying to invade Ukraine’s cyberspace as much as its physical space, threatening critical information, critical services, and critical infrastructure.
The threat of further cyber fallout from conflict is very real to the United Kingdom and to all our allies.
At home we are seeing the overlap of state threats, terrorism and organised crime brought together online and off.
Against this troubling background our mission is clear. We must crack down on cybercrime, we must protect the United Kingdom from the most capable cyber adversaries – states, criminals and terrorists – all are trying to hurt us and all have made the online world work for them, delivering offline political gain and criminal profit.
That is no small brief, and it is not one any department, certainly not one Minister, can achieve alone. The task of cyber security falls to Government of course, but also to individuals, law enforcement, and to business.
The Government has already made phenomenal progress in building resilience and countering the threat from our adversaries.
The latest iteration of the National Cyber Strategy set out the UK’s role as a responsible and democratic cyber power, and laid down the framework on which the UK’s security and prosperity can depend. It’s the bedrock of everything we do to keep the UK cyber safe.
It also important that our laws are updated. That’s why we recently published a consultation on improving the Computer Misuse Act, which is an important part of deterring those who would commit crime, and equipping law enforcement to carry out their duties.
We are proposing to include powers to take control of domains and IP addresses used by criminals and enable action against individuals in possession of or using data obtained through the criminal actions of others.
This is an edited version of a speech given by Security Minister Tom Tugendhat at the CYBERUK Conference.