UNITED KINGDOM
UK lawmakers have raised concerns about the Public Service’s capacity to deal with cybersecurity threats.
The Government has refused to commit to all PS staff being given cybersecurity training, but said it was willing to “think creatively” about how to address the problem.
Parliament’s Joint Select Committee on the National Security Strategy said the Government should explore more creative options in building cybersecurity capacity both within its Departments and in businesses that uphold critical national infrastructure, such as the National Health Service.
The Committee said all PS employees should be made to undergo basic cybersecurity training and continuing professional development.
It called for an online portal setting out the material and financial support available to all organisations involved in critical national infrastructure to help them recruit people with cybersecurity skills and upskill existing employees.
In its response, the Government said PS staff were required to undergo training on the Government’s security classification policy, “including basic elements of cybersecurity”.
“Different Departments set their own mandatory training on the basis of their particular circumstances, including their own risk profiles,” the Government said.
However, it did not address the Committee’s call for mandatory continuing professional development in cybersecurity skills.
Responding to the recommendation to set up an online portal, the Government said there were already various mechanisms for sharing information about skills-related support for organisations.
“Given the importance of critical national infrastructure, we will consider what more can be done to make this easier to navigate and provide more tailored advice,” it said.
London, 17 November 2018