We will continue to secure our borders effectively in light of global threats, while enabling the seamless legitimate movement of people and goods, which is essential to ensuring Guernsey remains a successful society.
Proactive consideration of how best to develop our cyber security as a jurisdiction is essential for our continued success as an international financial services and digital centre. We need to ensure that existing legislation is fit for purpose, and has appropriate flexibility to respond to evolving threats. We also need to ensure that we have the correct expertise and capability in order to best respond to evolving opportunities, and to raise and promote cyber awareness across businesses and individuals.
Cyber Security Policy
- The Committee for Home Affairs published the Cyber Security Policy in November 2017 to develop the Bailiwick's cyber security capability. Eight strategic goals were identified with the aim to ensure that Guernsey people, businesses and the States are as 'safe and secure' online as they are in the physical environment. These eight goals are:
- To provide proportionate legislation and regulation to meet the current threat. This includes the delivery of the Data Protection (Bailiwick of Guernsey) Law 2017, aligning Guernsey's data protection legislation with the General Data Protection Regulation (GDPR) EU law.
- To continuously assess the threat to Government, business and islanders. The threat continues to develop and change with remarkable speed. The threat, and therefore our response, will need to be continuously assessed.
- To build international cooperation and partnerships with specialist agencies, organisations and businesses from across the UK, EU and Jersey. We will learn from their expertise, lever their capabilities [where appropriate].
- To establish a framework and capability to confidentially share and report cyber security information across Government, business and islanders.
- To develop the appropriate incident response capabilities at the strategic, tactical and operational levels to defend from cyber attacks.
- To set minimum-security standards for Government and businesses based on international best practice. We will encourage businesses to adopt these.
- To provide a focus from Law Enforcement as the lead agency for Cyber Security.
- To work with other committees and our own agencies to provide relevant, timely and accurate education on cyber security.
- These strategic goals ultimately work towards the same core aim, namely, to 'ensure that Guernsey citizens, business and Government are as 'safe and secure' going about their legitimate lives in cyber space as they are in the physical environment.