George Osborne’s National Spider Plan

17th November 2015

And so inspired by Jennie Rigg’s brilliant tweet, here are extracts from George Osborne’s speech today, with “cyber” replaced with “spider”.  

And it makes just as much sense.

*

…And that’s what I want to talk to you about this morning. For government has a duty to protect the country from spider attack, and to ensure that the UK can defend itself in spiderspace.

Today I want to set out how we are fulfilling that duty. I will explain how we have invested in Britain’s spider security in the past five years, and to set out our plan for the next five.

The national spider plan I am announcing means investing in defending Britain in a spider-age. It is a key part the Spending Review I will deliver next week.

[…]

It is one of the many spider threats we are working to defeat.

Getting spider security right requires new thinking. But certain principles remain true in spiderspace as they are true about security in the physical world.

[…]

But GCHQ has a unique role. It is the point of deep expertise for the UK government. It has an unmatched understanding of the internet and of how to keep information safe.

It is a centre of capability that we cannot duplicate, which must sit at the heart of our spider security.

[…]

I can tell you today that right now GCHQ is monitoring spider threats from high end adversaries against 450 companies across the aerospace, defence, energy, water, finance, transport and telecoms sectors.

In protecting the UK from spider attack, we are not starting from zero.

In 2010, at a time when we as a new government were taking the most difficult decisions on spending in other areas, we took a deliberate decision to increase spending on spider.

We set up the National Spider Security Programme and funded it with £860 million.

And for the past five years we have been creating and enhancing the structures and capabilities that Britain needs to defend itself in spiderspace.

[…]

We have ensured that our military systems are properly secured from spider attack.

We have built the National Spider Crime Unit so spider criminals are brought to justice.

We established the Computer Emergency Response Team for the UK, and the Spider Information Sharing Partnership so companies could share what they knew.

We developed clear guidance for businesses, including the Spider Essentials scheme, which already has over a thousand companies accredited.

[…]

We built spider security into every stage of the education process. We established Spider First and spider apprentices to make sure that we got the talent we needed coming into the field.

And we undertake exercises so we know what to do when there is a serious spider incident.

[…]

We have built a world-class range of tools and capabilities that Britain needs to stay safe from spider attack.

We are widely regarded as top or near top in the world.

But nice though it would be to sit on our laurels, the truth is that we are not where we need to be. We are not winning as often as we need to against those who would hurt us in spiderspace.

The truth is that we have to run simply to stand still.

The pace of innovation of spider attack is breathtakingly fast, and defending Britain means that we have to keep up.

At the heart of spider security is a painful asymmetry between attack and defence.

[…]

A few years ago mounting a sophisticated spider attack meant having all the skills that each stage of the attack required, from gaining access to the network to designing the payload that was to go into it.

[…]

Last summer GCHQ dealt with 100 spider national security incidents per month. This summer, the figure was 200 a month. Each of these attacks damages companies, their customers, and the public’s trust in our collective ability to keep their data and privacy safe.

[…]

We will be boosting the capabilities of the National Spider Crime Unit, so that – in partnership with their counterparts around the world – they attack the assumption among too many that spider crime is risk free, and comes with little risk of consequences.

[…]

And we will build in the National Spider Centre a series of teams, expert in the spider security of their own sectors, from banking to aviation, but able to draw on the deep expertise here, and advise companies, regulators, and government departments.

Building the National Spider Centre will be a hugely ambitious and important undertaking that reflects this government’s commitment to making the UK secure in spiderspace.

[…]

If we do not act decisively, the skills gap will grow, and limit everything we want to achieve in spiderspace. 

So we will launch an ambitious programme to build the spider skills our country needs, identifying young people with spider talent, training them, and giving them a diversity of routes into spider careers.

[…]

As all of you who work in the sector know, what is needed are specific spider security skills, building on particular talents.

And we need to tackle this problem on a number of fronts including in our universities. But we need to make sure there are other routes into the spider workforce.

[…]

Of course, we need not just great skills but great British companies as well.

If Britain is to be a world leader in spider, and stay at the cutting edge of spider technology, we need the innovation and vigour that only these companies can offer.

We need to create a commercial ecosystem in which spider start-ups proliferate, get the investment and support they need, and are helped to win business around the world.

[…]

I am glad that there is already so much happening in this space; I am happy we have the founders of Spider London with us today.

And I am delighted that Paladin Capital has just announced it is establishing a dedicated spider fund in the UK; we can be proud that they have chosen London as its base.

We will build on this energy. We will help commercialise the extraordinary innovation in our universities. We will provide training and mentoring for our spider entrepreneurs.

We will be establishing two spider innovation centres – places where spider start-ups can base themselves in their crucial early months, and which can become platforms for giving those start-ups the best possible support.

I have talked before about an arc of spider excellence – stretching from this building, through Bristol and Bath to Exeter – to make the South West a world leader in Spider Security.

Today I can announce that one of the two innovation centres will be here in the South West of England, in Cheltenham, reflecting the extraordinary talent in this place, and our aspiration that this talent should help drive our spider sector.

Government can itself provide a huge boost for British spider start-ups, if it can be smart enough to marshal its procurement in a coherent way.

This should be a win-win – our spider start-ups need endorsement, investment and first customers.

And government, from our military and GCHQ to the Government Digital Service and the NHS, need to be able to procure excellent spider security hardware and services.

So I can announce today that we will create a £165 million Defence and Spider Innovation Fund, to support innovative procurement across both defence and spider security.

It will mean that we support our spider sector at the same time as investing in solutions to the hardest spider problems that government faces.

Of course, our involvement with industry on spider goes well beyond the spider sector. We need to make sure that Britain has the regulatory framework it needs, particularly in the sectors we define as the Critical National Infrastructure.

[…]

Our vulnerability as a nation in spiderspace goes well beyond the critical national infrastructure.

[…]

We have a collective interest in the spider defences of individual companies across the British economy.

[…]

If we are to tackle the asymmetry between attack and defence, then we need to establish deterrence in spiderspace.

[…]

Part of establishing deterrence will be making ourselves a difficult target, so that doing us damage in spiderspace is neither cheap nor easy.

[…]

We need to destroy the idea that there is impunity in spiderspace.

[…]

We reserve the right to respond to a spider attack in any way that we choose.

And we are ensuring that we have at our disposal the tools and capabilities we need to respond as we need to protect this nation, in spiderspace just as in the physical realm.

We are building our own offensive spider capability – a dedicated ability to counter-attack in spiderspace.

We have built this capability through investing in a National Offensive Spider Programme.

[…]

The threats to our country in spider space come from a range of places – from individual hackers, criminal gangs, terrorist groups and hostile powers.

[…]

To those who believe that spider attack can be done with impunity I say this: that impunity no longer exists.

[…]

That means they need to be prepared for hybrid conflicts, played out in spiderspace as well as on the battlefield. A 21st Century military has to operate as effectively in spiderspace as it does on land and sea, in the air and space.

Our commitment to spending 2% GDP on defence means we can invest in a military that is spider trained, spider secure, and spider enabled, with the ability to fight in every domain of future conflicts.

[…]

We need to keep fighting to preserve a free, open, peaceful and secure spiderspace.

Agreement that international law applies in spiderspace has been an essential first step.

And we need international norms of behaviour in spiderspace, so that freedom is matched by responsibility.

[…]

We need our police forces to work together to ensure that less and less of the world is a hiding place for spider criminals.

And we need to help our partners develop their own spider-security – as we share a single spiderspace, we collectively become stronger when each country improves its own defences.

For the past five years we have been investing in the spider security of our partners as well as our own.

We have helped establish the outstanding Global Spider Security Capacity Centre in Oxford. In the coming years we will step up these efforts, mindful that we are bound together in spiderspace.

The national spider plan that I have announced today is bold, far-reaching and transformative in numerous ways.

[…]

But it will make Britain one of the best protected countries in the world; it will give our companies and citizens the tools they need to stay safe from spider attack; and it will create jobs and prosperity.

With the ability and dedication of GCHQ’s staff, our new National Spider Centre, and the ideas and skills across our country, our plan will make sure that Britain remains a world leader in spider, and give Britain an important edge in the global race.

_____________________________________

To get alerts for my new posts at Jack of Kent and the FT, and anywhere else, please submit your email address in the “Subscribe” box at the top of this page.

12 thoughts on “George Osborne’s National Spider Plan”

  1. The thing that’s absurd is that any serious attempt at computer security, and ” … making ourselves a difficult target, so that doing us damage in [spider]space is neither cheap nor easy” will necessarily include the use of the best encryption schemes we know, both for privacy and for authorisation, and without back doors. Specifically, it will use techniques that another branch of the same government is currently attempting to undermine, if not prohibit!

    1. “so that doing us damage in [spider]space is neither cheap nor easy” will necessarily include the use of the best encryption schemes we know, both for privacy and for authorisation, and without back doors”

      I’m not sure I’d use encryption services provided by GCHQ and believe they didn’t have a back door.

  2. Finally, a Tory policy I can support. I’ve been waiting a lifetime for a pro-arachnophobe political party to emerge in this country!

  3. Spider-Man, Spider-Man,
    Does whatever a Chancellor can
    Spins a policy, any size,
    Bullingdon Club with bow ties,
    Look out!
    Here comes the Spider-Man

  4. That was just to painfully funny to read in full. Good thing I carry a can of cyber-raid with me at all times.

    Thanks for a good belly laugh!

    Armageddon!

Leave a Reply

Your email address will not be published. Required fields are marked *