US and UK team up to test cyber crime response

While far from a new issue for security chiefs, cyber security has never been more of a concern for firms in Britain than it is today. 

A report published earlier this year by security solutions company Symantec named the UK as the world’s second most targeted nation when it comes to cyber crime, with around five in six large organisations subject to some form of attack. About two-thirds of attacks were aimed at small and medium-sized enterprises, placing not just the firms in question at risk but also their partners and clients.

With so much valuable data up for grabs to hackers who successfully infiltrate an organisation’s cyber defences, the frequency and volume of these attacks is only set to continue growing.

In the face of this ever-growing threat, the UK and US governments have teamed up with leading global financial firms to bolster their ability to respond to cyber incidents targeted at the industry. The joint exercise, unveiled earlier this year by prime minister David Cameron and president Barack Obama, forms part of the enhanced transatlantic effort to collaborate on defence against cyber attacks.

It highlights the shared belief between the two countries and the financial industry of the need to work together more closely in order to stave off online threats – a matter that is all the more important given the interconnectedness of the global financial system.

Rather than testing the strength of individual financial firms or systems against cyber attacks, the exercise was intended to boost understanding across the industry and governments in three primary areas: the sharing of information; handling incident response; and communication with the public.

Specifically, the exercise examined ways to increase online security collaboration through:

• improving existing measures geared around maintaining shared knowledge of potential threats between the two governments and the private sector
• increasing the shared understanding of cyber security information in each country, partially through scenarios that may involve a coordinated response and public communication
• working government-to-government and government-to-financial sector to exchange domestic best practice

The two governments have been quick to stress that the exercise was not a “cyber war game” and did not include elements of live play. Nor did it test the actions of law enforcement and intelligence agencies, or cover the entire range of the UK and US finance sectors.

The project has been hailed by the participants as a significant step in the continuing efforts between the UK and US to strengthen the resilience of the financial sector and improve existing cyber programmes.

Discussing the initiative, chancellor George Osborne said: “Our national security is a priority for this government – and that includes defending our cyber space.

“We train and prepare for the threat of a financial cyber incident. That is why this exercise is so important, and we will continue to work with our partners in the US to enhance our cyber cooperation.”

US Treasury secretary Jacob Lew added: “In our increasingly interconnected world, cyber criminals do not respect national borders and they target government, private industry and individual citizens alike. Confronting the cyber threat is a team effort that requires coordination at all levels.”

Our 2015 Mid-Year Report combines a review of the prevailing conditions in the security recruitment market with the results of a comprehensive compensation survey, covering both permanent and contract security practitioners.