The UK government has published a new national cyber strategy to bolster the nation’s defensive and offensive capabilities amid rising attacks from criminal gangs and nation-state actors.
The government wants its wide-ranging strategy to solidify the UK’s “position as a global cyber power.” Plans to enhance the nation’s cyber-defenses include implementing the recently announced Product Security and Telecommunications Infrastructure (PSTI) that imposes minimum security standards on smart device manufacturers and increased funding in public sector cybersecurity. Additionally, the government said there will be an expansion of the National Cyber Security Centre (NCSC)’s research capabilities.
There is also a strong emphasis on promoting offensive measures in the policy to better equip the military and police to take the fight to cyber-threat actors. For this, there will be increased funding for the UK’s recently established National Cyber Force and for law enforcement to help disrupt and target cybercrime groups.
Home Secretary Priti Patel commented: “Cybercrime ruins lives and facilitates further crimes such as fraud, stalking and domestic abuse. Billions of pounds are lost each year to cyber-criminals who steal or hold personal data to ransom and who disrupt key public services or vital sectors of the national economy.
“This strategy will significantly improve the Government’s response to the ever-changing threat from cybercrime and strengthen law enforcement’s response in partnership with NCSC and the National Cyber Force. We all have a part to play in protecting ourselves from cybercrime. It is important that as a society, we take this threat seriously.”
"It is important that as a society, we take this threat seriously"
Another major aspect of the policy is growing the UK’s cyber talent pool and calling for “all parts of society to play their part in reinforcing the UK’s economic and strategic strengths in cyberspace.” Among the measures outlined in this area, the government announced a new ‘Cyber Explorers’ online training platform to enable young people to learn cyber skills in classrooms and a new scheme to help adults from all backgrounds access jobs in this sector. In addition, a new Royal Charter will be brought in to bring cybersecurity in line with other professional occupations like engineering.
It will also continue to support cyber start-up companies through programs like the Cyber Runway scheme. The government said that these initiatives will build on the considerable growth in the UK’s cyber sector over recent years, with over 1400 businesses generating revenues of £8.9bn last year. These initiatives also aim to ‘level up’ the cyber sector across all UK regions.
Sir Jeremy Fleming, director of GCHQ, said: “The National Cyber Strategy builds on the country’s strong foundations in cyber security that GCHQ’s work has been part of, particularly through the NCSC. But it goes beyond that. It brings together the full range of cyber activities, from skills to communities, and to the use of offensive cyber capabilities through the newly established National Cyber Force.
“It shows how the UK can build capacity across the country to continue to prosper from the opportunities of cyberspace." With the UK being a leading responsible cyber power, it "can build alliances with democratic partners around the world to protect a free, open and peaceful cyberspace.”
The strategy is supported by a £2.6bn investment in cyber that the government announced in its spending review this year.
Commenting on the announcement, Jude McCorry, CEO of SBRC, said: “The number of cyber-attacks has been on the rise since the start of the pandemic, with both international and domestic cyber-criminals taking advantage of our increased reliance on technology. We welcome the new National Cyber Strategy, particularly with its emphasis on a ‘whole of society’ approach. From a business perspective, the public and private sectors alone cannot drive the change needed to level up cyber security in the UK and keep us safe from cyber-criminals both here and abroad; we must work in partnership.”
Adrian Nish, head of cyber propositions at BAE Applied Intelligence, stated: “We welcome any overarching strategy as long as it is joined up and includes details on implementation, leadership, accountabilities and enables different bodies to carry out their missions.”
Saj Huq, head of innovation at Plexal, the innovation center helping deliver the Cyber Runway scheme, said: "Cybersecurity is relevant to everyone and today’s newly announced National Cyber Strategy recognizes this – and discusses how the government wishes to take a whole-of-society approach to the UK’s cybersecurity."
"The sheer growth of cyber incidents, the increasing geopolitical relevance of cyber and our growing dependence on technology as a society has further underlined how critical effective cybersecurity is for our country’s future prosperity and national security. This view is cemented in today’s strategy, with the government highlighting how all of us – be that public, private, big or small – must play our part in this important sector.
"The new National Cyber Strategy recognizes that horizontal technology areas such as cyber – with their potential to influence and shape the fabric of how our society interacts and engages with technology – requires targeted government intervention. We need to harness the power of the government to bring together stakeholders from across the ecosystem and create the conditions that enable them to share information an unlock opportunities.
"This strategy places cybersecurity at the heart of all future national decision-making on emerging technologies, with a specific focus on building ecosystems around key technologies that are critical to the UK’s strategic direction and embedding security into the next generation of breakthrough technologies that will shape our digital and physical worlds."