Cybersecurity experts have criticized the limited increase in the government's cybersecurity budget, describing the total increase of £6.5 million over the last financial year as insufficient compared to the scale of the threats.
Suid Adeyanju, chief executive of RiverSafe, described the budget increase as “regrettable”, arguing that elected officials in the UK deserve the “highest standard” of cyber protection in the current security landscape.
“The increasing volume of sophisticated security attacks against parliamentarians and peers requires immediate and urgent action, including military-grade encryption, the latest training strategies and ransomware prevention,” Adeyanju said.
According to data obtained under a Freedom of Information (FOI) request, the UK Parliament's overall IT budget has increased to £67,702,898, up from £61,154,627 the previous year.
These figures represent only 11% growth, although the data also shows an increase in IT specialists employed by parliament, totaling a staff of 548, up from 496 the previous year.
Concerns over cybersecurity financial commitments arise following news that China-linked threat actors were responsible for the attack on the Election Commission.
Hackers were found to have accessed the personal data of around 40 million voters in the UK, sparking a diplomatic row between the US, UK and China.
The National Cyber Security Center (NCSC) also found that four British parliamentarians, known for their criticism of Beijing, were the target of a separate cyberattack.
The threat actors are believed to have targeted these parliamentarians' emails in the form of a phishing attack.
In direct response to the attacks, cyber espionage group APT31, known for its links to China's Ministry of State Security, has been sanctioned by the UK government.
“We will not hesitate to take swift and strong action where the Chinese government threatens UK interests,” said Deputy Prime Minister Oliver Dowden.
“The United Kingdom considers that these actions demonstrate a clear and persistent pattern of behavior that indicates hostile intent on the part of China,” he added.
While Adeyanju criticized current levels of cybersecurity spending, other industry stakeholders praised parliament's commitment to improving IT staffing levels.
“It is encouraging to see a substantial increase in IT staffing at a time when Parliament and many other organizations are facing relentless cyber risk,” said Derek Mackenzie, CEO of Investigo.
“Having a technology team equipped with the latest cyber and AI skills is critical to protecting organizations from external threats.”