The Government unveiled the National Cyber Strategy 2022 yesterday, which sets out how the UK will solidify its position as a global cyber power and its aim to nurture the UK’s competitive advantage in navigating cyberspace. The new strategy replaces the Government’s National Cyber Security Strategy 2016-21 and partially continues its interventionist approach while broadening the focus beyond solely cyber security and offensive cyber to a new ‘whole of society’ approach. The commitment of £2.6 billion of investment, outstripping the £1.9 billion allocated to the prior strategy, is a firm demonstration of the commitment underpinning the new approach.

The new National Cyber Strategy adopts the strategic framework of the Government’s Integrated Review, released in March this year, and sets out five pillars for achieving the goals of the strategy by 2025. These pillars are as follows:

  1. Strengthening the UK’s cyber ecosystem.
  2. Building a resilient and prosperous digital UK.
  3. Taking the lead in the technologies vital to cyber power.
  4. Advancing UK global leadership and influence for a secure and prosperous international order.
  5. Detecting, disrupting, and deterring our adversaries to enhance UK security in and through cyberspace.

Underpinning each of these pillars the strategy sets out a comprehensive range of commitments and initiatives. Most notably for industry, the Government will establish a new senior National Cyber Advisory Board, which will bring together leaders from the private and third sectors to inform the UK’s approach to cyber. Alongside this, it highlights the recent issuing of a Royal Charter to the UK Cyber Security Council, who will now create a chartered cyber security profession. There will also be considerable interest in the new national laboratory for operational technology security, which will act as a centre of excellence for testing, exercising, and training on critical industrial technologies.

Under the umbrella of its ‘whole of society’ approach, the strategy also places a heightened emphasis on the role of industry, both in terms of the wider economy and the cyber security sector itself, to help the Government to deliver its goals. Stating that ‘governments must work with partners to attain and exercise it [cyber power]’ and that ‘the pace of technological change means that it can be gained and lost more quickly’ are welcome acknowledgements of the contribution that industry can make in responding to rapid technological and threat change. This is underlined by the Government’s new readiness to strengthen its involvement in critical cyber technologies and to develop the domestic industrial base.

From an inter-departmental perspective, the National Cyber Strategy also represents a new approach towards the Government’s handling of cyber security issues. The strategy represents a transition from a largely centrally managed programme to a ‘mainstreaming’ approach that devolves responsibility for its delivery across all departments (a diagram outlining the ministerial responsibilities is shown below). The funding model will also be split accordingly and allocated on a more regional basis.

As the strategy recognises, the UK is a global leader in cyber security, with £8.9 billion revenue generated last year, supporting 46,700 skilled jobs. ADS now looks forward to working closely with the Government to deliver the strategy, foster economy prosperity, and support national security. ADS Chief Executive Kevin Craven said:

The UK’s cyber security sector has a strong international reputation for excellence and innovation, and has grown significantly in the last five years, delivering more than £4bn in exports in 2020.

ADS welcomes the new National Cyber Strategy, which is a major milestone following the publication of the Integrated Review. Crucially, it provides welcome recognition of the need for government to closely partner with industry to respond to the rapid pace of technological and threat change.

The new strategy and the accompanying £2.6bn of investment will strengthen the UK’s position as a global cyber power and foster economic prosperity and digital skills across all UK regions.

Image: National Cyber Strategy Ministerial Responsibilities