According to a report from the National Audit Office (NAO), cybercrime in the UK cost taxpayers between £18 billion and £27 billion annually. The rising costs are only one part of the picture, as the volume of attacks is skyrocketing and there is a shortage of qualified workers to deal with the threat.
The latest NAO report is a follow-up to the strategy published in 2011, which details the UK’s plans for cyberspace through 2015. While there were an estimated 44 million cyber attacks reported in 2011, equating to some 120,000 per-day, there has been some progress made.
According to the report, SOCA repatriated more than 2 million items of compromised card payment details to the financial sector in the UK and internationally, preventing a potential economic loss of more than £500 million. Moreover, personally reported cyber crimes by the public have prevented nearly £300 worth of attempted fraud.
Yet, the lack of skill is where things bottleneck.
The latest NAO findings say that there is a serious challenge to the government when it comes to a technologically skilled workforce. Namely, there are not enough skilled employees in the workforce already, and there needs to be more done in the classroom to ensure that the gap can be filled by those just entering the market. On top of this, the NAO report recognizes that there is a problem actually funding cybercrime initiatives, because of a lack of perceived value.
“This report rightly points out just how complex it has become to thwart cyber crime in the UK. There is no question that a shortage of skilled professionals is extremely detrimental to our cyber defence effort and it is something the government seriously needs to address if it wishes to defend itself from today’s sophisticated attacks,” said Thurstan Johnston, sales engineer at cyber security expert Faronics, in an emailed statement.
“However, there is not just a skills gap to consider, but also a huge awareness gap that needs to be filled… If the government can begin educating today’s younger generation on both these deficiencies the UK will be in a much stronger position when faced with tomorrow’s cyber attacks.”
Paul Davis, Director of Europe at FireEye, said that it was hardly surprising that the UK was deemed unprepared to tackle current cybersecurity threats, as there has been a longstanding culture of complacency when it comes to proper cyber defense until late.
“It is a great step forward to propose greater promotion of science and technology in schools to develop the next generation of cyber security experts, but what happens in the meantime? […] With so many attacks reported daily, the odds really are stacked against organisations – and it’s time to fight fire with fire,” he said.
The full NAO report is available online.