The report, outlined by the BBC, added that only three jurisdictions had “sufficient” plans in place in the event of a cyber-threat: Derbyshire, Lincolnshire and West Midlands.
The UK government has identified cybercrime – and specifically, large-scale cyber-attacks – as one of the top five threats facing the nation, up there with organized crime and terrorism. According to the government's definition, these threats would be "a criminal attack on a financial institution to gather data or money,” an "aggregated threat where many people or businesses across the UK are targeted,” or “the response to a failure of technology on which communities depend and which may also be considered a civil emergency.”
Given the potential for catastrophe, the BBC pointed out that the Home Office has required that every department have a policing response to counter it. But so far, most individual forces are not following the guidelines.
Worryingly, the report found that senior officers are largely "unsure of what constituted a large-scale cyber-incident,” noting that inspectors were "struck by how incomplete the police service's understanding of the national threats was."
“The report highlights the need to review policing priorities and the continued challenge of addressing the growing cyber-threat,” said Peter Armstrong, director of cybersecurity at Thales UK, in a note to Infosecurity. “As a nation we are only now waking up to the pervasive nature of the cyber threat, but we will have to recognize as a nation that there is a broad-based shortage of cyber skills, not just in the police service.”
Armstrong said he believes that police forces can rise to the occasion. “Adapting to new threats in the criminal space is not new to the police service, and The Home Office and newly formed National Crime Agency (NCA) are responding,” he said. “Working closely with regional law enforcement and police colleges, the NCA and the National Cyber Crime Unit have seen successes in helping to establish the capabilities that are needed to police this threat.”
The newly organized NCA has overseen the establishment of the NCCU with the remit to help martial a national response to the most serious cybercrimes; it has already established an NCA Special Constables scheme targeting specialist skills like cyber, supported by a strong recruitment campaign.
“At the same time, local law enforcement understands clearly their responsibility to protect the vulnerable in our society from cyber incidents and are working without exception to juggle their funding and distributing resources across an increasing landscape of criminality at a challenging time for budgets,” Armstrong added.
In response to the damning evidence, Chief Constable Justine Curran, the national policing lead for public order at the Association of Chief Police Officers, acknowledged the police had more to do, and said that they were ready to tackle the requirements.
"This report will assist chiefs and the College of Policing in this ongoing work and provide useful ideas for enhancement where this can be achieved within the current financial austerity across policing," she told the BBC.