UK ISPs: Government Must Take Lead on Cybersecurity

The UK’s ISPs have called on the government to streamline the number of regulatory bodies dealing with cybersecurity, improve cybercrime reporting processes and set minimum standards for the industry.

The latest survey from the Internet Services Providers’ Association (ISPA) found that 88% suffer regular cyber-attacks: half of these on a daily basis.

However, they’re responding appropriately. Cybersecurity is a high or very high priority when it comes to day-to-day operations for 61% of ISPs, and an overwhelming 94% said they expect to increase investment in the area over the next three years.

Some 86% also plan on implementing the NCSC’s Active Cyber Defence strategy, which the GCHQ body claimed this week had driven some encouraging results over the past two years.

ISPs are very much on the front line when it comes to cyber-threats facing their customers, so it’s heartening that all respondents claimed the industry should play a proactive role in handling attacks, while 78% said they already offer cybersecurity services to their customers.

However, there appears to be a distinct lack of confidence in the government’s role, especially when it comes to the regulatory environment.

“Despite increased awareness about the importance of cybersecurity, government and law enforcement must turn their words into actions,” argued ISPA chair, Andrew Glover.

“In order to ensure the UK has an effective cybersecurity regime, the government should streamline the number of organizations involved in the cybersecurity landscape to minimize confusion. This needs to be underpinned by clear minimum standards on cybersecurity, set by government, and improved online cybercrime reporting processes.”

Some 40% of ISPs believe the response to cybercrime could be improved if there was better collaboration and coordination within the industry, although half currently don’t share their experiences with peers.

The industry also believes law enforcers need to get better at tackling online crime.

Nearly two-thirds (62%) of respondents said cybercrime handling would improve if police took a more coordinated approach, while 31% suggested that better cybercrime training was necessary. These were also the top two priorities reported in the 2016 survey, showing progress has not been made thus far.

It was revealed earlier this year that UK police spent £1.3m on cybersecurity training over the past three years.

What’s Hot on Infosecurity Magazine?