Owing to the COVID-19 pandemic, individuals and
businesses are more dependent on all matters digital than ever. The rising
adoption of internet and IoT devices and related services are only going to
strengthen digital connectivity across the globe. However, the threat of
cyberattacks increases more and more with every new device, user, and business
connecting to the internet. Current efforts of governments and businesses are
limited in scope, which is an increasing range of cyber-risks.
According to the National Cyber Security Centre
statistics, 61% of organizations are anticipated to see an increase in
ransomware attacks, a type of malware that threatens to publish a victim’s
personal data unless a ransom is paid. Besides, government organizations remain
an attractive target for an ever-expanding army of adversaries with powerful
cyber capabilities. Between September 2020 and August 2021, around 40% of
cyberthreats were aimed at public organizations, and the trend seems to have no
signs of abating.
To counter cyberattacks, government agencies and
enterprises need to have an intense collaboration since both rely on the same
network of software vendors. Building and maintaining cyber defences is vital
to safeguard the functions and services used by everyone. The UK government
aims to maximize the benefits of digital technology by adopting proactive
management of cyber risks. UK’s new national cyber security strategy calls for
a ‘whole society approach’ to cybersecurity with a vision to make the country a
leading cyber power by 2030. The government is planning to invest USD3.89
billion (£2.6 billion) in cyber and legacy IT and additional funding of
USD50.79 million (£37.8 million) to tackle cybersecurity challenges faced by
the local council to protect vital services and data. As the world is being
fundamentally shaped by technology, the National Cyber Strategy would help UK
protect and promote its interests as a sovereign nation.
The cornerstone of establishing UK as a cyber power is
dependent on building domestic cyber resilience. Thus, it is the government’s
duty to deliver functions that promote the economy of the UK, from delivering
public services to strengthening national security without undue disruption.
Hence, the national cyber security strategy is built upon five pillars such as :
- Investing in people and skills while encouraging a close partnership between government and academic institutions
- Building resilience and reducing cyber risks
- Increasing UK’s industrial capacity based on technologies crucial for cyber power
- Establishing global leadership in cybersecurity operations
- Enhancing national cyber security and taking a more integrated approach for countering threats
National Cyber Force
Under the national cybersecurity strategy, the
government has proposed to expand the cross-agency National Cyber Force (NCF),
the unit that integrates military and intelligence personnel under a single
command structure. The NCF is responsible for operating in and through
cyberspace, disrupting those who would harm the UK and its allies and promote
UK’s interests. Keeping cyber operations at the center of its diplomatic,
economic, and military activities, UK plans to gain a competitive edge in cyber
operations with the help of NCF. Some of the main responsibilities of the
National Cyber Force include :
- Counter cyberthreats from terrorists, criminals and states that could harm UK and other democratic societies
- Manage threats that disrupt the confidentiality, integrity and availability of data and services in the country
- Contribute to UK Defence operations and help deliver UK’s foreign policy agenda
More R&D support
Majority of the companies in UK’s technology sector
are expecting an increase in sales, investment, and headcount in the coming
years; hence, the companies have called upon the government to provide greater
support for R&D and innovation as a way to help them realize their
ambitions. The national cybersecurity strategy proposes the allocation of
investment worth USD1.34 million (£100m) for expanding research capabilities.
Around £70m will be available to support R&D on hardware for designing
security and protection-technology solutions in hardware and chip designs. As
businesses are investing more in tackling cyber-attacks with ‘designing in’
measures, the investment will help to protect businesses as well as consumers
as well as reduce the growing cybersecurity costs. Besides, £30.6m will be
allocated to ensure smart internet-connected devices remain secure, which could
prove to be a real step-change for better protecting businesses, services, and
consumers from cyber-attacks. The government is also looking forward to
building expertise in existing and emerging technology such as 5G, 6G, and
other types of data transmission technologies, which can transform lives.
Cyber Aware Citizens
Cyber awareness campaigns can help individuals and
enterprises gather an understanding about securing their online activities and
protecting data and devices to avoid any kind of cyber-attacks. The UK government
has introduced a new online training platform, known as ‘cyber explorers’ for
young people and children to teach cyber skills in classrooms. Besides, the
National Cyber Advisory Board, along with National Laboratory for Operational
Technology Security will be charged with testing and providing training on
existing and emerging technologies such as 5G, 6G, applications of artificial
intelligence, blockchain, cryptographic authentication, quantum technologies,
and more.
The government aims to collaborate with “market
influencers,” including insurers and investors, to incentivize good cyber
security practices and also aims at providing better insights into how
companies will manage and mitigate risks. Besides, the government plans to
expand post-16 cyber security training opportunities to further strengthen
knowledge and skills related to the domain. To encourage people to take up
cybersecurity as a career opportunity, the UK Cyber Security Council has been
granted ‘Royal Charter’ status, which brings cybersecurity professionals in
line with those serving as engineers or medical practitioners.
Bolstering Law Enforcement
The UK government has planned to build the foundation
of risk management for detecting cyber security events across every part of its
estate and mitigate risks before they impact services and functions. With the
agility to monitor systems, networks and services before any incident happens
will help the government to provide coherent responses as well as improve the
capability to detect more such attacks in the future. The NCSC has launched an
Active Cyber Defence initiative to counter cyberattacks in an automated and
scalable manner, detecting any malicious activity on the website and then
proactively work with the hosting company to take it down. Furthermore, the
NCSC will further grow the number of offered shared services and capability to
improve the resilience in preventing cyberattacks. The National Crime Agency’s
National Cyber Crime Unit supports a network of dedicated units consisting of
43 police forces along with a regional coordinator.
The sustained and tailored deterrence campaigns will
leverage a full range of UK capabilities to get aggressive with cybercriminals.
Action Fraud, hosted by the City of London Police, will provide centralized
crime reporting, triage, and analysis to NCA for pursuing the cybercrime case.
Joining the forensic, intelligence, and data sharing capabilities into a single
platform could help the national and regional units access specialist high-end
capabilities and tools. The government will develop a cross-government
vulnerability reporting service to enable organizations to fix issues more
efficiently and rapidly. Besides, the cyber coordination center will foster
partnerships and allow government organizations to identify, investigate and
coordinate responses to incidents on public sector ecosystems.
Way Ahead
In the last five years, the government has made
significant progress in terms of cybersecurity with the establishment of the
National Cyber Security Centre and the introduction of the Minimum Cyber
Security Standards for the government. While the government’s recognition and
understanding of cyber security risks have largely evolved, there is still
significant progress to be made. The size and complexity of the government’s
digital estate, diversity of government’s supply chains, and complex government
structures can impact the visibility of cyber risks. Besides, the limited
number of resources and skilled workforce also pose some serious challenges in
mitigating cybersecurity risks. However, organizational diversity comes with a
wealth of capabilities and knowledge, which could be harnessed to bring
transformation, drive innovation, and gather analytical understandings. Cyber
resilience remains a cost-effective solution against the cyber threat; hence
government organizations must focus on building foundations to improve
technologies to match the ever-evolving cyber risk landscape.
According to TechSci Research report on “Global Cybersecurity
Market By Segment (Security Services, Network Security, Infrastructure
Protection, Identity Access Management, Data Security, Application Security,
Integrated Risk Management, Cloud Security and Others), By Deployment Mode
(On-Premise and Cloud), By Organization Size (Large Enterprises and SMEs), By
End Use Industry (BFSI, Manufacturing, Government, IT & Telecom, Retail,
Energy & Power and Others), By Region, Competition, Forecast &
Opportunities, 2025”, the global cybersecurity market is expected to grow
at a formidable rate during the forecast period. The growth can be attributed
to the rising need for strong authentication techniques and cybersecurity
solutions.
According to another TechSci
Research report on “United Kingdom Cyber
Security Market By
Security Type (Network Security, Endpoint Security, Cloud Security, Application
Security, Content Security and Others), By Solution Type (Firewall, Antivirus
& Antimalware, Risk & Compliance Management, Identity & Access
Management, Data Loss Prevention, Intrusion Detection-Prevention System,
Encryption & Decryption, Secure Web Gateways, Email Filtering, Others), By
Deployment Mode (On-Premise and Cloud), By End-User Industry (BFSI, IT &
Telecom, Defense, Energy & Power, Retail, Healthcare & Others), By
Region, Competition Forecast & Opportunities, 2027”, the United Kingdom cyber
security market is anticipated to grow at a significant rate. The market growth
can be attributed to the rapid ongoing digital transformation across various
industry verticals and flourishing e-commerce industry. Besides, increased
complexity of cyber-attacks and supportive government policies are anticipated
to drive the United Kingdom cyber security market in the coming years.