Defence CommitteeWritten evidence from Intellect

Intellect is the trade association for the IT, telecoms and electronics industries. Its members account for over 80% of these markets and include blue-chip multinationals as well as early stage technology companies. Our diverse cyber security portfolio reflects the fact that the technology industry has a critical role to play in the drive to online security, including providing agile solutions to cyber threats, supplying intelligence on attacks on information systems and in protecting itself, as part of the national infrastructure, from these attacks.

Intellect members commented that they do not believe they have sufficient detailed knowledge of MoD’s current cyber security capabilities and future requirements, nor adequate knowledge of how the Department and the Armed Forces are managing and responding to the cyber threat. However, following a consultation with a number of member companies Intellect have highlight below the issues most salient to the technology industry:

Cyber Threat: Whilst the MoD is clearly aware of the cyber threat, our members feel there is an issue in communicating the particular nature and extent of the threat it faces to industry and critically its supply chain, who, in many instances, provide and operate MoD systems. Due to sensitivity regarding classification levels, Intellect members have found that MoD threat briefings to industry have a tendency to be very high level. This can prevent business from coherently understanding the cyber threat, and consequently make it difficult for them to make informed investment decisions.

Co-ordination and awareness: Intellect believes that coherent cross-departmental MoD support for industry-focused information assurance standards which are designed as a minimum baseline would help to protect the supply chain and reinforce the wider critical national infrastructure. Our members are also keen to see greater clarification of the roles and responsibilities within the MoD. The Department has a key role to play in co-ordinating and disseminating information and a responsibility to inspire and direct industry investment in cyber through more transparency and greater cooperation with commercial partners.

Current military capability: The perception of industry is that the MoD does not appear to have the sufficient skills available for modern cyber-based warfare. Although our members do recognise effort is being made in this area, there may be scope for an enhanced military-industry partnership to address this capability gap.

Future skills: The Cyber Security Challenge, initiatives undertaken at various universities and the Territorial Army’s Land Information Assurance Group are all valuable initiatives. However, with the loss of skills to the private sector and the low uptake of Computer Sciences by British students at university level, a greater scale of investment in education both within academia and government is necessary to ensure the MoD has sufficient future capability.

   Intellect members commented that within MoD there are individuals with an extremely high level of cyber knowledge, however recent movements in personnel across government have affected the MoD’s cyber capacity.

Critical National Infrastructure: Industry has greater “pace and scale” than MoD and other government departments in terms of the ability to use resources to develop and scale cyber products and services, and this is not always recognised by government. Partnership and coordination with industry is essential and perhaps more work is required to identify the size, composition, strengths, threats and weaknesses in UK CNI.

20 February 2012

Prepared 8th January 2013