The release of the UK government’s Cyber Security Strategy for the next eight years, outlining its approach to building a cyber resilient public sector, has prompted this response from one leading security player.

“The UK, in common with every democracy in the world, faces significantly increasing cybersecurity threats,” comments Zeki Turedi, CTO EMEA, CrowdStrike. “The government is right to take action, as these threats from state-sponsored adversaries and criminal groups continue to grow, annually. The Cyber Security Strategy is a step in the right direction, especially with its emphasis on collecting events and identifying them before they become more serious incidents or breaches.

“Hand-in-hand with this is enhancing the UK’s detection abilities, which the strategy also identifies. This is critical, as the faster there is visibility into the initial stages of an attack, the better chance there is to stop breaches. Best practice is for the government to hold itself to the principle of 1:10:60 - 1 minute to detect, 10 minutes to triage and 60 minutes to contain.”

Critical to the government’s efforts is using the knowledge and expertise from across the security sector to better prepare the public sector, he adds. “The private sector is dealing with countless threat actors, regulations and business complexities. The knowledge from these incidents, in addition to the agility of the private sector, can be exponentially beneficial to the government when shaping tomorrow's policy and defences.”