So where is all the money going then?
Detica and The Cabinet Office released a report today, which put the cost of Cyber Crime to the UK economy at £27 billion and claimed this is roughly twice the cost to the UK economy of the illegal drugs trade (£13.6 billion).
I’ve additionally discovered today that road accidents cost the UK economy £18billion, and that rats cost farms £100 million per annum. Umm, so what? The point is that you have to be sceptical about many of these sorts of calculations, since they rely on arbitrary judgements, extrapolated up by volume. I am certain that working hard enough I can use figures to prove everything. As Vic Reeves may have said, 88.2% of statistics are made up on the spot.
Theresa May announced yesterday that the Police would be given £63 million out of the £650 million pot allocated at the CSR for Cyber Security. Loving your work Theresa. However, this represents less than 10% of the funding allocated. I am also given to understand that some of the £650 million pot is to be allocated to the PSN.
This is all good. It’s good for the InfoSec industry, and it’s good for the UK citizen. But the question is, where’s the rest of it going and on what?
If you ignore for the moment a rather cynical view of the justification figures, it’s about time we cracked spending this money. I’ve just spent most of this week working and talking with people who know an AWFUL lot about this topic, and I was horrified at some of the stories they told. And these were the stories they could tell to the likes of me, which means the really bad stuff they don’t tell you is going to be just plain awful.
The key theme that emerged from their stories was the idiot factor: people doing things they shouldn’t. People that really, truly, should know better. So with that in mind, perhaps some of this cash needs to be spent on education. Campaigns like Get Safe Online are laudable, but I have to say, they don’t always get the coverage they deserve. How much more good would they do if they were turbo charged by another £100 million? Don’t get me wrong, shoring up flaky IT systems to stop people in far-flung lands hacking into our systems is a Good Idea. But if Joe Public is part of the problem too, simply because they don’t understand (and why should they?), then it’s an equally pressing issue.
Get spending the Cyber Defence cash on projects for cool computers with flashing lights, but don’t forget to educate your citizens. Blocking nasty stuff from the outside is pointless, if it’s being undermined from the inside.