UK Government launches National Cyber Strategy
The UK government has published its National Cyber Strategy, which sets out its vision for how the country can continue to be a leading responsible and democratic cyber power.
Building on progress since 2016, the new strategy signals the UK’s commitment to continued investment in and protection of cutting-edge and critical technologies, a more comprehensive approach that leverages the full range of the UK’s cyber capabilities, and a desire to step up the nation’s resilience to known vulnerabilities and attack methods over the next decade. Recognising that cyberspace is now integral to our future security and prosperity, the strategy is built around five core pillars that aim to: facilitate a more secure and resilient nation; deliver an innovative, prosperous digital economy; better enable the UK to be a science and tech superpower; and enable the nation to become a more influential and valued partner on the global stage.
Central to the strategy is the Government’s self-proclaimed whole-of-society approach to cyber, which seeks to build an enduring and balanced partnership across the public, private and third sectors. The UK’s cyber security industry sits at the heart of this approach, with the Government setting out plans to support the growth of the sector and thus benefit from its capabilities and expertise.
The Government has set out that it will continue to use legislative and regulatory levers to drive up cyber security standards and resilience across critical sectors, larger businesses and the public sector, whilst tackling the increasing reliance on third party suppliers. Measures will include a review of Networks & Information Systems (NIS) regulations, a new security framework for telecommunications providers and a new regulatory framework to ensure the future smart and flexible energy system is secure and resilient. The Government will also set out clear requirements for testing or adversary simulation across the UK’s critical national infrastructure (CNI).
In the broader business community, the Government will look at embedding cyber security as a core part of good business through better use of regulation and other incentives. This will include the launch of a new Cyber Security Regulation and Incentives Review.
Ollie Whitehouse, Global CTO at NCC Group, said: “The digital threat landscape continues to evolve in intensity, complexity and severity. There are increasing levels of cyber-crime and associated breaches in the private and public sector, with legacy systems, supply chain risks and a shortage of cyber security professionals, all proving to be a growing area of concern.
“This new National Cyber Strategy will be important to drive forward cyber security and resilience across the UK economy and society. We welcome the pioneering initiatives it introduces, from expanding protection at scale, to acknowledging the role of offensive operations in national defence and putting cyber at the heart of the UK’s foreign policy agenda. Moreover, for the first time, the strategy allocates clear responsibilities. It highlights expectations that accountability for understanding and managing cyber risk sits with businesses and service providers, not end-users. With that in mind, additional regulation and legislation is expected and organisations will need to understand how this will likely affect them in order to prepare.
“Given the significant progress made on cyber over the last five years, which has seen the UK cyber security sector grow rapidly, NCC Group is pleased to see the critical role of the cyber industry at the heart of the Government’s whole-of-society approach. Within that, NCC Group is proud to be playing its part and we look forward to supporting the Government with these aims. We are also pleased to see a commitment to ensuring that the UK’s cyber security legislation remains effective, and hope this will include much needed reform of the UK Computer Misuse Act in the not too distant future.”