The UK will release the National Cyber Strategy 2022 (National Cyber Strategy 2022). And the National Cyber Security Strategy 2022-2030 (Government Cyber Security Strategy 2022-2030). In December 2021 and January 2022, analyze the current challenges faced by the UK. Network security risk, emphasizes the significance of ensuring network security to its national security. And development proposes a series of measures to build a network ecology to cope with continuous changes.
Raise network security awareness to the height of culture. And puts forward a higher level of British network security awareness education work. Require. British Cyber security awareness education is a field that the UK has been focusing on. And continuously increasing investment for many years. And its related practices have certain reference and reference value for improving my country’s cyber security awareness education.
1. Main practices of UK cybersecurity awareness education
As one of the world’s cyber powers, the UK has always attached great importance to cyber security awareness education. Looking at the development of cyber security awareness education in the UK. The UK Its main practices can be summarized in the following aspects.
i. Implementing the promotion of cybersecurity awareness as a national cybersecurity strategy
It is a common practice in the UK to explain cybersecurity concepts in national strategy documents. Since the publication of the first Cyber Security Strategy of the United Kingdom in 2009. Cyber security awareness has been one of the keywords in the UK National Strategy Report. In recent years, the cyber strategy documents, cyber security strategy documents. And national security strategy reports issued by the UK have attached great importance to the details.
The detailed analysis of the sources of cyber security threats faced by the UK. And comprehensively expounded the UK’s propositions on core concepts such as cyberspace and cyber security. Declares the core values and basic principles that the UK pursues in maintaining its own network security. So as to form a broad consensus on network security in the whole society.
The UK is also deploying cybersecurity awareness education initiatives across its cybersecurity strategy. The “2022-2030 Cybersecurity Strategy” has set up a special chapter to elaborate on “cultivating correct cybersecurity skills, knowledge and culture”, raising cybersecurity awareness to a new level. The document pointed out that “people and organizational culture are the important things of the risk reduction. To truly improve the level of cybersecurity, in addition to relying on technology, we should pay more attention to people.” In addition, the “2022-2030 Cybersecurity Strategy” also focuses on government responsibilities, Talent training, network security culture, and other aspects that have put forward specific goals to improve the British network security awareness of all types of personnel.
It is important to note that the UK’s National Cyber Strategy 2022 emphasizes enhancing cybersecurity skills as an important part of the UK’s cyber ecosystem. Government departments, enterprises, and the general public are all part of the network ecology. The prerequisite for improving network security skills is to have a strong awareness of network security, have a strong internal motivation to improve network security skills, and consciously update network security knowledge and skills reserves. Contribute to the security of the entire network ecosystem.
ii. Government departments play a leading role in cultivating cybersecurity awareness
In October 2016, according to the then national cybersecurity strategy, the United Kingdom reorganized and established a specialized agency, the National Cybersecurity Center (NCSC), to guide various cybersecurity work including cybersecurity awareness, and set up a cybersecurity awareness column on its official website. , to publicize and popularize network security knowledge and skills. The NCSC believes that cybersecurity awareness is government advice on how to ensure cybersecurity. The UK’s ” Cyber Security Strategy 2022-2030 ” emphasizes that government staff should first improve cyber security awareness, master cyber security protection knowledge, reflect British network security awareness in the process of providing services to the public, and raise cyber security awareness to network security. safety culture level. In order to improve the cybersecurity awareness of public servants and ensure the cybersecurity of themselves and the departments they work for, the UK government will provide targeted education and training programs and advice.
In order to ensure the implementation of the national cyber security strategy, the British government has invested a lot of resources to formulate and implement the National Cyber Security Programme (National Cyber Security Programme). The national cybersecurity plan attaches great importance to publicity and education, among which, cybersecurity training for officials of various departments and raising their cybersecurity awareness are important contents, and cybersecurity awareness training for government employees is an important measure to improve the level of cyberattack protection.
The UK also pays attention to the coverage of cybersecurity awareness education in all areas of society to achieve full coverage at the personnel level. In addition to highlighting the cultivation of cyber awareness among government officials, it also pays attention to the cultivation of cybersecurity professionals and strengthens awareness of cybersecurity among the general public, especially young people. nourish. One of the strategic measures for the network ecology currently implemented in the UK is to support and encourage more people to acquire the necessary skills for a career in the network. And use it as a key task to ensure the best use of people and improve the level of national security.
iii. Gathering forces from all quarters to jointly improve the network security awareness of the whole society
The United Kingdom has always insisted on carrying out centralized British network security awareness publicity and education activities. Since 2012, every October, the UK has carried out various activities to raise the cybersecurity awareness of the whole society within the framework of EU Cybersecurity Month. After the official Brexit in 2020, the United Kingdom still insists on carrying out relevant centralized education and publicity activities.
The UK Cyber Security Council believes that although cyber security awareness education is something to be done throughout the year, it is necessary to dedicate a month to the activities. Organizations that have less communication in their usual work can work together in specific weeks to be creative, break the routine, carry out some activities that are different from their daily work, achieve greater results, and also promote their products and services for network security vendors. The service creates a good time.
During the Cyber Security Month, the government not only plays a leading role, but also attaches great importance to cooperation with the private sector, and supports various NGOs and cyber security companies to provide services, such as inviting the private sector to conduct cyber security lectures and co-organizing cyber security skills competitions. In addition, there are specialized companies in the UK that provide government departments, and public and private institutions with specialized training to improve cybersecurity awareness.
Government departments strengthen guidance on the cultivation of enterprises’ cybersecurity awareness and facilitate the transformation of the digital economy. The premise of developing the digital economy is to ensure network security. The UK government encourages and wants more people to use digital services while working to educate individuals and businesses about the risks of data breaches. In order to seize the development opportunities in the digital economy era, the British government attaches great importance to the guidance of digital transformation of enterprises, especially small and medium-sized enterprises, and helps these enterprises to improve the level of network security protection. Among them, improving the cybersecurity awareness of small and medium-sized enterprises has always been supported by the government. Important content.
iv. Continue to increase investment in the training of network security professionals
Cybersecurity awareness is based on and premised on cybersecurity capabilities. The British government believes that the improvement of British Network security awareness relies on cyber security professionals. And is necessary to incorporate talent training into the national cyber security strategy. The 2011 edition of The UK Cyber Security Strategy proposes to strengthen cyber security education and training.
Establish a team of cyber security professionals, and meet the skills and expertise required by governments. And enterprises to improve cyber security capabilities. The United Kingdom’s “2016-2021 Cyber Security Strategy” (National CyberSecurity Strategy 2016-2021). Proposes to vigorously cultivate and continuously provide excellent local cybersecurity talents, and solve the problem of shortage of cybersecurity experts. And young talents, and meet the cybersecurity requirements of the public and private sectors. Skill needs.
Cyber Security in the Education and Training System
Under the guidance of the above strategic document. The UK will incorporate cyber security into the education and training system for all. And will continue to make adjustments and improvements to meet the changing needs of the industry and government. Such as encouraging companies to strengthen employee training, promoting industry and academia, and professional institutions. And industry associations Cooperation, construction of diversified occupational positions and training channels.
The establishment of skill consulting groups, support for the formulation of long-term strategies, etc. Have cultivated a large number of network security talents. And provided sufficient human resources support to ensure the UK’s network security. And improve network security awareness. The “2022-2030 Government Cybersecurity Strategy” further proposes that the government should continue to increase the training of cybersecurity talents. And will establish a national cybersecurity college to further improve the level of cybersecurity talent training.
The UK pays special attention to the training and reserve of youth network security talents. And has continuously launched education and training projects. And plans for youth to reserve network security professionals required for the development of national network security. For example, the UK launched an online school project, offering a 5-year.
Cyber security course for young people aged 14 to 18 to enhance their cyber security awareness and skills. The implementation of the “Internet First” plan, invited young people aged 11 to 17 years to participate in events. Such as the Cyber Security Challenge to uncover potential talent and train the next generation of cyber security experts. These activities have not only reserved a large number of cyber security talents for the UK. But also greatly improved the cyber security awareness of young people.