The Home Office is inviting bids from media, PR and creative agencies for the communications campaign, which is part of the Government’s National Cyber Security Programme. The Cabinet Office, Department of Business, Innovation and Skills and partners from the business sector including Get Safe Online are all participants in the initiative.
“The digitization of the UK economy has made our lives easier and has created huge opportunities, but it has also created individual security risks as well,” said Security Minister James Brokenshire, in a statement. “If we are to meet these new challenges it’s essential we step up our efforts to stay safe online. The threat of cybercrime is real and the criminals involved are organized and driven by profit.”
He noted that the UK’s National Fraud Authority (NFA) has shown that minor improvements to online behavior among people and small businesses could prevent significant losses online. Many cyber incidents can be prevented by adopting simple steps such as not sharing passwords, he noted. “By making small changes, British businesses can remain competitive in the global economy and consumers can have greater confidence using the internet,” Brokenshire said.
There is, of course, primarily a business development point to all of this. “£4 million isn’t a paltry sum, and the British government needs to promote the fact it is doing everything possible to develop a safe trading and business environment to encourage investment,” said Ashish Patel, regional director at Stonesoft, in a note to Infosecurity. “Security is a key factor in this, and the popularization of basic knowledge regarding cybercrime and safety issues amongst the whole nation is imperative for this to ultimately succeed.”
Meanwhile, small and medium-sized businesses tend to be less aware than their larger counterparts when it comes to cyber threats, considering the lack of resources they face.
“SMEs form the backbone of the UK economy and without the resources always available to larger enterprises basic cracks in security measures can appear,” said Mark James, technical director at ESET UK, in an emailed comment. “When breaches in security can cripple a company in terms of both financial and reputational damage, it’s encouraging to see the government taking a lead in helping businesses build up resistance to threats by equipping them with the skills and confidence to adequately educate staff on the ways to spot malware and hacker threats.”
The campaign will also address the gross misconception that small- and medium-sized businesses have in thinking they’re too small to attract hacker notice.
“SMEs probably think they’re not at risk from cyber-attack because they consider themselves to be under the radar of cyber criminals, but in truth any business operating online—which means just about any type and any size of organization—can become a target,” said Darren Anstee, solutions architect team lead at Arbor Networks. “These days an organization can be targeted because of the market it operates in, what it sells, who its customers are or who it is affiliated with. And, the motivations behind attacks are now very broad, from ideological hacktivism through to competitive take-out, so it’s very difficult to assess when/if an organization might be attacked. Also, the explosion of inexpensive and readily accessible attack tools, malware toolkits and DDoS services means that pretty much anyone can carry out an attack, if they want to.”
While such initiatives are always steps in the right direction, some suggest bringing disparate efforts together into one singular, coordinated approach to educate businesses and citizens about cyber threats.
“There are now a number of initiatives spread across Her Majesty’s Government and, for our part, we’d like to see a single coordinated campaign that explains the dangers in a straightforward way to board members and directors of organizations both large and small,” said Graeme Stewart, director of public sector strategy at McAfee, in a comment.
He also noted that the government can only do so much. “For the government’s digital transformation programs to be successful, UK citizens need to take a certain level of responsibility for their own online safety, in order for them to take full advantage of the ‘Digital by Default’ mantra currently in play across the UK public sector.”