UK security services are stepping up their work with companies to combat cyber threats

Stay informed with free updates

Simply sign up Cyber ​​security myFT Digest – delivered straight to your inbox.

Britain’s security services, including MI5, are stepping up work with some of Britain’s biggest companies as fears grow that the economy could be hit by more targeted cyber attacks.

Ministers are increasingly concerned about the level of resilience within UK businesses and the potential impacts Through supply chains and essential services throughout Britain.

As a result, further discussions are taking place about improving the UK’s preparedness against it Cyber ​​warfareaccording to three people familiar with the discussions.

There are ongoing talks within the security services and government about whether it is possible to combine various existing cyber and resilience units, the people said.

One topic under review is whether the National Cybersecurity Center should be strengthened to take a more active role in companies’ cyber defenses rather than relying on companies informing them of their best practices.

Security services had already begun strengthening their communications with companies before the recent cyber attack on Jaguar Land Rover, according to four people familiar with the situation. The hack caused the automaker to shut down production for six weeks and has been activated Government-backed loan worth £1.5 billion To help limit the damage.

Some large telecoms groups, utility providers, energy companies, food suppliers and financial systems have held dialogues with UK security agencies.

John Butterworth, chief executive of the National Gas Company, told the Financial Times that this cooperation had increased since Southern Water, which supplies 2.7 million homes, was attacked last year.

Butterworth said work had been intensified between his group, which owns the UK’s gas transportation network, the government, the British Government Communications Offices and MI5.

“We are deeply committed to the importance of this matter,” he said. “We have worked with the government in detail to make sure we can be resilient.”

“You have to outsmart the person who’s trying to hack into your system, so we’re constantly reviewing and updating the system. When Southern had a cyberattack — for a lot of people in utilities, I think that was an epiphany.”

Last December, Richard Horne, CEO of the UK’s National Cyber ​​Security Centre, said that there was “Widening gap “Between the increasing cyber risks we face and the UK’s collective ability to defend against them.”

While recent high-profile attacks on Jaguar Land Rover and Marks & Spencer have been attributed to criminal gangs made up of scattered hackers, security services are particularly concerned with attacks coming from China, Russia and Iran.

Most major companies now have detailed scenario planning on how to respond to cyber attacks.

Archie Norman, head of Marks & Spencer, has already said there should be a “single point of contact” for security agencies in the event of an attack, rather than waiting for an incident to escalate until it reaches the national security centre. He told MPs on the Business and Trade Select Committee last May that “corporate simulations and ‘red team’ attacks are nothing compared to what is happening and the severity of it.”

Victims of corporate cyber attacks are supposed to first alert the NCSC and the Information Commissioner’s Office in the event of a data breach. But people familiar with the situation complain that the process of alerting authorities feels like filling out a form.

“It’s like waiting on the phone to get to the doctor’s office instead of calling emergency response,” said one person familiar with the process.

Norman told MPs that company boards must be “fully informed, intelligent and educated about what is happening” in the event of an attack.

The UK government is set to introduce a draft Cybersecurity and Resilience Bill to Parliament later this month, according to a person familiar with the matter, in a further effort to increase the country’s preparedness.

The legislation will update the Networks and Information Systems Regulations 2018 so that businesses such as managed service providers who manage IT networks will fall within the scope of the rules.

The bill will also force regulated companies to report cyberattacks to the NCSC within 24 hours, and mandate organizations to tighten cybersecurity in their operations. Supply chainswhich represents an increasing means of attack for cybercriminals.

Rebecca Harding, chief executive of the Center for Economic Security, told the Financial Times: “We are reluctant to use the word war, but until we use it in the context of economics, we cannot talk about security effectively.”

“It is welcome that services are taking these steps because if we can prepare, it means we can be resilient,” she added.