Government Cyber Security Strategy – how does encryption fit into all of this?

The new National Cyber Security Centre was officially opened today – although the unofficial opening was 5 months ago.

The Chancellor, Phillip Hammond MP, gave a speech outlining the need for a stronger approach to cyber security and the need for all of us, Government, business and citizens to work together to improve our security online and in the cyber-sphere.   The speech mirrored some of the intentions outlined in last November’s National Cyber Security Strategy.

The noise coming from Government with regard to cyber security is welcome.  Cyber security is not only absolutely critical to the nation as a whole but to each and every one of us as individuals and as Government stresses we all have a role to play.   But there remains one glaring concern – how does encryption fit into all of this?

When the strategy was launched in November 2016 we blogged about the inconsistent approach the Government was taking on encryption. On the one hand they appear to be establishing and maintaining a strong systems of cyber security yet at the same time they continue to argue for backdoors to encryption for the purpose of law enforcement and counter terrorism.

The Government’s continued mantra that there must be “no guaranteed ‘safe spaces’ for terrorists and criminals to operate beyond the reach of the law” continues to present an uncomfortable juxtaposition to the rest of the Strategy which states that “products and services” will have “built-in security as a default setting.”

We will watch with baited breath to see how cyber security will be strengthened whilst encryption is being legally weakened