The UK government aims to improve levels of professionalism in information assurance and cyber defence across the public and private sector. But its cyber security strategy is based on the assumption that the UK is insufficiently prepared to counter the current and imminently expected cyber onslaught from both organised crime and foreign nation states.