Darllenwch y dudalen hon yn Gymraeg
In our increasingly digital world, cyber is a word we’re hearing about more and more cyber skills, cyber safety, online crime and cyber-attacks.
In this blog, we want to tell you about the development of a Cyber Action Plan for Wales, a commitment in our Digital Strategy for Wales.
This will be the first in a series of blogs about the action plan and we want to start by explaining a bit about what we mean by cyber, why we need an action plan and who the plan is for.
What do we mean by cyber?
For most people, cyber is synonymous with scammers or hackers behind a computer screen trying to hack into systems to steal our data or sending emails pretending to be the bank. When we talk about cyber, we mean more than just cyber security and helping our citizens, businesses and public services be as safe as they can be online. It’s also about skills, innovation, research, economic growth and investment in this area. All of these parts and more interlink to create what we call the ‘cyber ecosystem’.
How does the cyber ecosystem work?
The cyber ecosystem is made up of many parts. These include, growing our economy, education and attracting, developing and retaining skills, research and innovation and keeping our citizens, businesses and public services as safe as they can be. These areas all rely upon each other to grow and succeed.
To make the most of the ever-growing number of digital services and technologies available, it is important that the areas within the ‘cyber ecosystem’ work together effectively, underpinned by robust cyber security.
For example, to be cyber secure and protected against cyber-attack, we need to have the right basic skills and knowledge to be able to protect ourselves as citizens. This means that we need to support cyber skills through schools and education and awareness campaigns on how to stay safe online to support the community. We also need to have people with the right technical skills to support our businesses and services to be as secure as possible against cyber-attacks. This means we need to offer undergraduate and postgraduate courses to develop a future workforce, as well as providing opportunities to re-skill and develop on the job to support the current cyber workforce needs.
It’s also a fact the cyber threat is real, and organisations need to be prepared for being resilient to those attacks when – not if – they happen. We need to ensure leaders understand the risk and their role, have steps in place to respond to incidents and are developing resilience within their organisations.
As cyber-attacks are ever changing, it’s important for us to keep abreast of emerging technology and innovation to keep us as secure as possible in the face of new emerging threats. This is where partnership working comes in. By working together, industry and academia can research how new technologies can support us to be more secure and can demonstrate the impacts of cyber-attacks on organisations and businesses.
Furthermore, developing our skills, our workforce and investing in innovation and research will result in economic growth of the sector and Wales as a resilient nation. Having these foundations in place will attract global businesses to invest and bring their businesses to Wales and feel secure in doing so.
The cross-cutting work of these different parts form the basis of our Cyber Action Plan for Wales along with actions to deliver our aspirations.
Why do we need a Cyber Action Plan for Wales?
Well firstly, we think it’s important for Wales to have a clear vision and ambition for cyber, along with a set of actions on how we’re going to deliver that ambition.
We know that there is already a good story to tell in Wales which we want to share and build on. In fact, we have one of the biggest ‘cyber ecosystems’ in the UK, and one of the strongest in Europe. Due to our strong partnerships between industry, academia and government, our cyber sector is growing, and we are attracting key global players through our many strengths and reputation for excellence and innovation.
We want to continue to build on this success, by making the most of our investments and partnerships, so that we bring even greater benefits to Wales.
It is also important that we are keeping pace with the ever-changing digital landscape when it comes to cyber, and the action plan will help us do this. If we don’t keep up with the pace of these changes, we leave ourselves at risk of cyber-attacks which can have an impact on how we do business, on our economy and our security in general.
Who is the plan for?
While everyone has a responsibility when it comes to cyber, the action plan is mostly aimed at organisations rather than individuals. However, by delivering the actions in the plan, individuals/citizens will be better protected and better informed about how to be as secure as possible.
There are a variety of organisations and sectors that the plan will be relevant to such as local government, health, education (schools, colleges, universities), public services, third sector and businesses (whether they are large global companies or SME’s). There will be a need for these organisations to consider cyber in how their organisations run, ensuring they are as secure as possible. They will also need to consider whether their staff, at every level, understand the risks associated with cyber and have the fundamental skills needed to keep themselves and the organisations they work for safe and secure online.
Cyber is relevant to everyone and we all have a responsibility to be aware and prepared to keep as safe and secure as possible when we’re online.
Whilst Welsh Government have a clear leadership role in the delivery of the action plan, alongside UK Government, we cannot achieve this alone. It requires the collective efforts of public services, industry, academia, law enforcement and government at a local, national and UK level including arm’s length and sponsored bodies. To deliver this action plan we must embrace partnership working, collaboration and coordination across sectors.
We are currently working across government and with stakeholders to develop the action plan and identify and define the themes and joined-up actions we need to deliver our ambition for cyber in Wales. However, if you have any thoughts on what you think should be included in the plan, please let us know in the comments below.
The aim is to publish the Cyber Action Plan in spring 2023, and in the run up to publishing the plan we’ll be sharing some of the good work happening across Wales through our various social media channels, which will include some follow up blogs so please keep an eye out for those.
Post by Meleri Jones, Senior Policy Officer Cyber Leadership and Co-ordination
Ricoh Wales is a leading Security Company specialising in Cyber Containment, we currently supply the majority of Councils & some NHS in Wales. When Cyber Security is discussed the majority of the discussion are around prevention, it rarely discuses what happens if your protection fails. I would hope that Cyber containment forms part of the long term strategy for Cyber Security in Wales. Ricoh as a business would gladly be happy to be involved in this process should it be deemed required.
Thank you for your comment and interest in the work to develop the Cyber Action Plan for Wales. We are considering all feedback at the moment, including the points you have raised, while we continue to draft the plan.