'We're not winning the war on cyber crime,' MPs told
RSA chairman Art Coviello argues war against cyber threats hasn't yet been lost or won
The UK continues to struggle against cyber criminals with no clear victory in sight. That's what the House of Commons Home Affairs Committee heard from the cyber security industry as experts gave evidence about e-crime.
"I don't think the war has been lost, but we're not winning it either," said Art Coviello, executive chairman of RSA, the security division of EMC.
Coviello told the committee that despite information technology now being so ingrained into the way the world operates, organisations and individuals don't pay enough attention to new types of cyber assault.
"What people sometimes overlook is the expansion of attack surfaces," he said. "There are so many points of entry; we've made it easier for the attackers."
Ilias Chantzos, senior director of government affairs for Symantec, agreed, while arguing that so far defences have largely held up.
"If we had lost the war [on cyber crime], then things wouldn't be working very well," he told the Home Affairs Committee, a reference to how, despite the hacking threat, it has yet to cause much serious and sustained damage to governments and infrastructure.
"This is a question about understanding that security is a moving target," Chantzos continued. "What's important is we adjust our scopes," he added, emphasising the need for organisations to react quickly as the nature of the threats changes.
That ability to react quickly, according to Professor Jim Norton, policy adviser and former president of the British Computer Society (BCS), comes down to properly training people to understand IT security issues.
"I can build the most perfect cyber security system," he said, "but if we don't educate our people properly, there isn't a technology solution."
The panel was also questioned about state-sponsored cyber crimes, with chairman Keith Vaz MP referencing a Verizon report launched the morning before the committee hearing. This report presented evidence that state-backed cyber attacks are on the increase. RSA's Coviello responded, arguing that the increase in frequency and complexity of attacks points to "a level of sophistication that can only be state sponsored."
As the hearing progressed, Professor Norton increasingly emphasised his view that education is an important element in the fight against hacking and other forms of cyber crime.
"We're missing a huge resource: the people," he told MPs, arguing that if people across all generations were sensitised as to what to look for, then individuals could be made aware of their duty to report potential cyber threats to the authorities.
However, Coviello disagreed, telling the Home Affairs Committee "attacks are far too sophisticated for the average person to detect".
Earlier in the day, Chloe Smith, minister for political and constitutional reform at the Cabinet Office, told the Information Security conference in London that the government's £650m spend on cyber security "underlines the importance" the government places on UK cyber security.