The UK government unveiled its long-awaited National Cyber Strategy yesterday, outlining how it plans to improve the resilience of UK institutions and businesses while protecting the country’s interests in ‘cyberspace’. The strategy signals a more interventionist stance from the government, experts told Tech Monitor, which has previously looked to the private sector for leadership. Its commitment to a ‘whole of society’ approach, meanwhile, risks overlooking the need for more diverse perspectives in the cybersecurity workforce.”
Then I provided a more detailed breakdown of the strategy for CircleID…
The 2016 UK Cyber Security Strategy was largely focused on deeper involvement by the government across a broad range of activities, including building cyber offensive capabilities, skills development across key sectors, enhancing coordination and incident response (including the creation of the National Cyber Security Center), promoting innovation, and incubating the UK cyber commercial sector. The 2022 strategy seeks to sustain and build upon the progress from 2016, but taking a ‘cyber ecosystem’ approach that integrates a broader range of stakeholder groups across society in developing cyber risk responses. Think of it as an acknowledgment that cyber security issues are so broad, complex and interlinked that they need to be knitted into the very fabric of national policymaking, including education strategy, regulatory/legal reform, foreign policy, and industrial policy, among others.
The government has come to terms with the fact that it doesn’t have the resources or the depth of skills to tackle all the UK’s cyber-related problems on its own and that private-sector leadership won’t necessarily achieve the desired outcomes. The 2022 Cyber Security Strategy signals the government’s intention to carve out key roles—coordinator, convener, and enabler—in the UK’s cyber ecosystem. The 2016 National Cyber Security Strategy received heavy criticism from the Public Accounts Committee, which maintained there was a lack of evidence and no solid business case to justify the £1.9 billion funding it received—making it nearly impossible to measure success. The ‘whole of society’ approach outlined in the 2022 document illustrates a deeper understanding of cyber issues and brings together the full range of cyber activities domestically and internationally into a seemingly cohesive vision with more measurable outcomes and outputs […]
Feel free to view the entire blog article on the CircleID website.