The Government has today published its much-heralded “Cyber Security Strategy of the United Kingdom“. The document is welcome and will lead to an Office of Cyber Security (OCS) being set up to “provide strategic leadership” across Government. In addition, a Cyber Security Operations Centre (CSOC) will be set up as part of GCHQ. This Centre will be responsible for “incident response”, as well as monitoring “the health of cyber space” and providing advice and information.
This all looks extremely positive, as does the philosophy under-pinning the Strategy which includes working in partnership with industry, being more integrated within government, tackling security challenges early, and being grounded in a set of core values based on human rights.
As ever, (forgive the lapse into cliche) the devil will be in the detail – and the detail is not contained in the Strategy. How much clout and authority will the OCS have within Government? Will the CSOC have the resources it needs to be sufficiently pro-active and will it have the legal powers to take appropriate action?