The UK government is aiming to capitalize on the rise in online threats to sell the nation’s cybersecurity expertise worldwide, despite heavy criticism in the past for its own security failings.
Published on Monday, the Cyber Security Export Strategy aims to support the ongoing work of the 2016-21 National Cyber Security Strategy, which saw £1.9bn pounds of public spending committed to the sector.
The Department of International Trade (DIT) document sets out a plan to support UK companies bidding for contracts with overseas governments and CNI providers.
It also claims the DIT will “curate bespoke offers for the top buyers” in six sectors highlighted as those set to receive biggest investment in security over the coming years. It claims it will run trade missions and pitch UK companies to address identified capability gaps.
The third pillar of the DIT’s approach is to help improve global branding and marketing for UK cybersecurity companies, alongside new content on a great.gov.uk site.
The new strategy seems to be aimed primarily at supporting SMEs which could otherwise struggle to make an impact on the global stage. It claims UK Export Finance is available for those in need of monetary support to export goods and services.
The new strategy could be seen as a response to Brexit, which experts have argued will have a hugely negative impact on the UK’s cybersecurity industry.
It’s already claimed that hiring of European practitioners is getting harder for UK firms, and there are question marks over information sharing and other region-wide agreements currently benefiting UK businesses, not to mention the tariff-free trade of the single market.
However, the sight of the government attempting to tout its expertise in cyber around the globe is somewhat ironic considering the parlous state of NHS cybersecurity. The health service was decimated by WannaCry ransomware last year, and in February, a committee reported that all 200 Trusts had failed basic security tests.
In February 2017, parliament slammed the government’s cybersecurity efforts as uncoordinated, inconsistent and failing the wider public sector outside Whitehall.
However, most experts cautiously welcomed the new DIT strategy.
“It’s great to see the government acknowledge the strength of the UK cybersecurity sector. Against a backdrop of ever-evolving threats, growing digital transformation and regulatory pressures, there has never been such global demand for effective cybersecurity products and services,” said RedScan CTO, Andy Kays.
Thales eSecurity EMEA VP, Peter Carlisle, added that the strategy demonstrates a clear government commitment to collaboration with the private sector.
“By not only honing our skills here in the UK, but by exporting our expertise overseas too, this will ensure that we ward off attacks from foreign actors whilst simultaneously strengthening our own capabilities,” he claimed.
Others were more sceptical.
“The Cyber Security Export Strategy sends out a message in no uncertain terms that security is and will remain top of the agenda. With heightening tensions between foreign nations and an increasing risk of threat actors sabotaging businesses, governments, hospitals and schools, the UK has an opportunity to lead by example and grow an already burgeoning sector,” said Smoothwall corporate security specialist, Rob Wilkinson.
“But it smacks, too, of a country trying to rebuild its reputation following major breaches including WannaCry in the NHS, Petya and businesses like Wonga. A lot of work has to be done to keep organizations safe in this country as well as countries abroad.”