Computers have made it easier for information to be categorised, referenced, processed, etc. However, this information is constantly at risk. Countries such as the United States and the United Kingdom are constantly exposed to cyber attacks every year and, because they cannot find its source, other countries are accused of these attacks. They must, however, take measures to avoid being harmed. Therefore, the United States and Britain have taken measures to prevent cyber attacks and are doing their best to promote them.
Cybersecurity
Cybersecurity mainly protects the hardware, software, and data present in a system with an active internet connection from external attacks. Organisations use cybersecurity for their databases and systems to prevent unauthorised access. Different forms of attacks include phishing, spear-phishing, drive-by attack, password attack, denial of service, etc.
So far, insufficient studies have been carried out on cybersecurity; but these studies have been published and the level of covert studies should not be overlooked. Because every country is trying to take measures to prevent cyber incidents, studies and information are not published in general, and may be published in later years when the studies have expired. It is not possible to say exactly which country is doing what about cyber attacks, but according to the Scopus scientific database, Britain has published the highest number of research in various formats, including books, conference papers, etc, on cybersecurity; after Britain, the United States is in second place at a large distance in cybersecurity studies.
Cybersecurity in the US
President Biden has made cybersecurity a critical element of the Department of Homeland Security’s (DHS) mission and a top priority for the Biden-Harris administration at all levels of government. To advance the president’s commitment, and to reflect that enhancing the nation’s cybersecurity resilience is a top priority for DHS, Secretary Mayorkas issued a call for action dedicated to cybersecurity in his first month in office. This call for action focused on tackling the immediate threat of ransomware and on building a more robust and diverse workforce.
In March 2021, Secretary Mayorkas outlined his broader vision and a roadmap for the Department’s cybersecurity efforts in a virtual address hosted by the RSA Conference, in partnership with Hampton University.
The USA also adheres to top-level strategic planning and policy guidelines. As one of the leaders and pioneers of IoT technology, the development of national-level IoT security research and strategic planning has become an essential reference to guide the development of the IoT in the US. At the end of 2016, the “10.21 Internet Outage” incident prompted the US to raise the security issue for the IoT to the level of homeland security. The US Department of Homeland Security issued a set of “Strategic Principles for Securing the Internet of Things (IoT), Version 1.0” the following month.
From the perspective of the federal government’s responsibility to ensure the security of the IoT, the white paper defines cross-departmental cooperation, the promotion of national security awareness, the promotion of incentive measures, and the development of international standards. These principles highlighted approaches and suggested practices to fortify the IoT’s security and equip stakeholders to make responsible and risk-based security decisions when they design, manufacture, and use internet connected devices or systems. Since then, the US federal government has accelerated the development of IoT security policy documents to strengthen the top-level design of IoT security management, improve management mechanisms, and enhance management and control capabilities.
Cyber Security in the UK
Private organisations suffer great losses due to cybersecurity incidents, and they invest increasing resources to prevent attacks, but little is known about the effectiveness of cybersecurity measures for prevention. The UK Cybersecurity Breaches Survey shows that the most promising ways to minimise cyber attacks and their impacts is to invest in in-house cybersecurity human resources and enhance the employees’ online self-protection by providing cybersecurity training, rather than just basic software protection and guidance about strong passwords.
In addition, cybersecurity in the UK is managed by the Sabiri National Security Centre. Launched in October 2016, the NCSC is headquartered in London and has brought together expertise from CESG (the information assurance arm of GCHQ), the Centre for Cyber Assessment, CERT-UK, and the Centre for Protection of National Infrastructure.
The NCSC provides a single point of contact for SMEs, larger organisations, government agencies, the general public and departments. They also work collaboratively with other law enforcement, defence, UK intelligence and security agencies and international partners.
Also, the UK is the first country to apply consumer IoT security regulations. It launched the world’s first IoT security practice guidelines, which provide a sufficient basis for the development of other countries’ IoT security-related documents, and lay the foundation for the development of EU’s first consumer IoT security global standards.
Since 2018, the UK government has issued several security policy documents on the design of consumer IoT devices and software services, providing a practical basis for consumer protection. For example, the “Code of Practice for Consumer IoT Security” starting from the safety protection of smart products, no mandatory proposals based on results are put forward to strengthen consumer privacy and security protection.
The practice of establishing a security benchmark for Internet connected products and future IoT certification programs have been incorporated into the “General Data Protection Regulation.” To further combat the insecure factors of the IoT, the UK government has also formulated more stringent security regulations from the perspective of consumers, such as unique device passwords, easy contact with manufacturers, and explicit device lifetime. In July 2020, the UK government issued the “Proposals for regulating consumer smart product cybersecurity – call for views,” pointing out that slow processes and poor security in the safety reform of consumer smart products are still a commonplace phenomenon. The plan, which aims at improving the safety standards of consumer smart products, can establish a cybersecurity baseline for the UK smart product market.
And there is a serious demand for cybersecurity specialists, both in the UK and globally; there is thus significant and growing higher education provisions related to specialist undergraduate and postgraduate courses focusing on varying aspects of cybersecurity. To make their digital systems and products more secure, all in IT need to know some cybersecurity – thus, there is a case for depth as well as breadth; this is not a new concern, but it is a growing one. Delivering cybersecurity effectively across general computer science programs presents a number of challenges related to pedagogy, resources, faculty and infrastructure, as well as responding to industry requirements. Computer science and cognate engineering disciplines are evolving to meet these demands – both at school-level, as well as at university; however, doing so is not without its challenges.
Conclusion
The United Kingdom and the United States are both powerful industrialised countries that have taken or are planning to take action to prevent cyber attacks, but the United Kingdom seems to be much more advanced than the United States and the serious damage that the United States has suffered from cyber attacks is proof of this. However, the UK is constantly updating its cybersecurity to the point where it wants to challenge low-level training to bring in talented people into its government. Of course, the new US administration is also looking for a change in cybersecurity to be safe from attacks, but so far no serious plans have been presented.
