A major cyber-attack on the UK could leave the UK's armed forces "fatally compromised" without a viable 'plan b' a committee of MPs has warned the Government.
Despite acknowledging the UK's world-leading expertise in the cyber-defence, the influential Defence Select Committee uncovered a complex web of weaknesses and uncertainties that it said urgently needed to be addressed.
The first was simply a general complacency about the amount of progress that had been made to date, and a lack of clarity about how military and government might respond in certain scenarios.
"The evidence we received leaves us concerned that with the Armed Forces now so dependent on information and communications technology, should such systems suffer a sustained cyber-attack, their ability to operate could be fatally compromised," the Committee's report concluded.
Despite this, it was unacceptable that the Government had yet to set out its cyber-attack contingency plans, nor even whether it had one in place.
"Events in cyberspace happen at great speed. There will not be time, in the midst of a major international incident, to develop doctrine, rules of engagement or internationally-accepted norms of behaviour," said the MPs.
The committee was also unconvinced that the Ministry of Defence had done enough to secure its supply chain and industrial base.
"It is imperative that we see evidence of more urgent and concrete action by suppliers to address this serious vulnerability, and of energy and determination on the part of the MoD to enforce this action."
There was a risk that different Parts of the armed forces competed with one another for resources, leading to fragmentation into 'silos'.
The UK had recently become involved in the NATO Cyber-Defence Centre of Excellence but needed to accelerate its efforts on this initiative.
In short, the stresses of cyber-defence have challenged the whole defence system to change its models from one based on physical assets to the acknowledgement that any future conflicts will have a frightening electronic and digital dimension.
The MPS seem to be saying that the military and perhaps government have yet to fully digest the implications of this change.
"Interestingly, the UK was placed first of the G20 in its ability to withstand cyber-attacks and deploy the appropriate infrastructure for a productive economy, according to Booz Allen Hamilton's recent Cyber Power Index," pointed out Martin Sutherland of BAE Systems Detica.
"We need to encourage more organisations to share best-practice approaches to cyber security and provide more information about the nature of the attacks they're seeing, particularly given that many private sector firms act as suppliers to Government or are delivering essential services that our nation relies upon every day," he said.
An anxiety running through the report is the ambiguity of cyber-attacks and in quickly identifying who is responsible, and in which circumstances retaliation might be justified.
Sign up for CIO Asia eNewsletters.