Government Unveils National Cyber Strategy To Protect UK Plc

The British government has today published its new National Cyber Strategy, to ensure the country has the necessary means to defend itself in cyberspace.

In essence, the new strategy aims to reinforce the UK’s economic and strategic strengths in cyberspace, including more diversity in the workforce.

It also seeks to level up the cyber sector across all UK regions, expand the UK’s offensive and defensive cyber capabilities, and prioritise cyber security in the workplace, boardrooms and digital supply chains.

Global cyber power

There is no question that United Kingdom has been steadily growing its cyber capabilities over the past decade.

In June 2011 for example the UK Ministry of Defence created a joint force command unit, that integrated the MoD’s cyber warfare and military intelligence units.

A few months prior to that in May 2011, the British government also acknowledged it had begun work on a “toolbox” of offensive cyber-weapons to complement its existing cyber defensive capabilities.

Then in 2013, the MoD began to allow convicted hackers to join the UK’s Joint Cyber Reserve Unit (JCRU).

And this past decade has seen the government continue to expand the UK’s cyber-security forces, including the foundation of the National Cyber Security Centre (based in London), which operates under GCHQ (based in Cheltenham).

Indeed, between 2011 and 2016, the Government allocated £860m to the National Cyber Security Programme, and for the five years from 2016 to 2021, the Government “has in recognition of the threat – significantly increased funding and allocated £1.9bn for the new National Cyber Security Strategy.”

High-end capabilities

And with the online threats continuing to grow, so has the government’s cyber offensive capabilities.

In September 2018 the Government said it would expand the UK’s offensive cyber-war capabilities by approximately fourfold with a new cyber warfare unit.

The exact nature of the UK’s offensive cyber weaponry is a closely guarded secret, but in a submission to a report December 2017 by parliament’s intelligence and security committee, GCHQ said the capabilities of its cyber unit extended to “the high end of counter state offensive cyber capabilities”.

In April 2018 the government revealed it had carried out a cyber-attack on the ISIL or Islamic State terrorist group.

In February 2020 the United Kingdom said it was readying the official launch of a specialist cyber force that will target terror groups and hostile nation states. It officially launched it in November 2020.

And in October this year it was revealed the headquarters of the National Cyber Force, is to be located in Samlesbury, Lancashire.

The NCF combines personnel from intelligence, cyber and security agency GCHQ, the MoD, the Secret Intelligence Service (MI6) and the Defence Science and Technology Laboratory (DSTL), under one unified command for the first time.

Its remit is to carry out offensive cyber operations, which “can disrupt hostile state activities, terrorists and criminals threatening the UK’s national security – from countering terror plots to conducting military operations.”

National Cyber Strategy

And now the government published its new National Cyber Strategy which sets out how the UK will solidify its position as a global cyber power.

Through the strategy, the Government said it is calling on all parts of society to play their part in reinforcing the UK’s economic and strategic strengths in cyberspace – this means more diversity in the workforce, levelling up the cyber sector across all UK regions, expanding our offensive and defensive cyber capabilities and prioritising cyber security in the workplace, boardrooms and digital supply chains.

“The new National Cyber Strategy transforms how the UK will advance its national interests in cyberspace and is a major milestone following the publication of the Integrated Review earlier this year,” explained Steve Barclay, the Chancellor of the Duchy of Lancaster.

“It sets out a clear vision for building cyber expertise in all parts of the country, strengthening our offensive and defensive capabilities and ensuring the whole of society plays its part in the UK’s cyber future, and comes with record funding to match,” said Barclay.

Practical steps sees the government announcing a new “Cyber Explorers” online training platform to help teach young people cyber skills in classrooms.

It is also taking steps to improve diversity in the cyber workforce through a new adult scheme which will ensure that people from all backgrounds have access to these high skill, high priority jobs.

In addition, a new “Royal Charter” for the UK Cyber Security Council has been approved by the Queen, which will help improve cyber careers and bring the cyber workforce into line with other professional occupations like engineering.

And the government said that funding for “these growth and skills programmes will be reoriented away from large, often London-based initiatives to a regionally delivered model which will mean more jobs and better opportunities for people across the UK.”

The strategy also sets out the Government’s plan to keep citizens safe in cyberspace and stamp out cyber crime by:

• Bolstering law enforcement with significant funding so that they can ramp up their targeting of criminals;
• Increasing investment in the National Cyber Force which represents the UK’s offensive capability to counter, disrupt, degrade and contest those who would do harm to the UK and its allies;
• Expanding GCHQ’s National Cyber Security Centre’s research capabilities, including the new applied research hub in Manchester;
• Implementing the Product Security and Telecommunications Infrastructure Bill to enforce minimum security standards in all new consumer smart products; and
• Investing in public sector cyber security to ensure that key public services remain resilient to evolving threats and can continue to deliver for citizens who need them.

“Cybercrime ruins lives and facilitates further crimes such as fraud, stalking, and domestic abuse,” said Priti Patel, the Home Secretary. “Billions of pounds are lost each year to cybercriminals who steal or hold personal data to ransom and who disrupt key public services or vital sectors of the national economy.”

“This strategy will significantly improve the Government’s response to the ever-changing threat from cybercrime and strengthen law enforcement’s response in partnership with NCSC and the National Cyber Force,” said the Home Secretary. “We all have a part to play in protecting ourselves from cybercrime. It is important that as a society, we take this threat seriously.”

“As we continue to face threats in cyberspace, it is essential that we continue to adapt, innovate, partner and succeed against evolving aggressive activity,” added Commander of Strategic Command General Patrick Sanders.

“The National Cyber Strategy builds on the country’s strong foundations in cyber security that GCHQ’s work has been part of, particularly through the NCSC,” noted Sir Jeremy Fleming, Director GCHQ.

“But it goes beyond that. It brings together the full range of cyber activities, from skills to communities, and to the use of offensive cyber capabilities through the newly established National Cyber Force,” he said.

“It shows how the UK can build capacity across the country to continue to prosper from the opportunities of cyberspace,” said Fleming. “And, as a leading responsible cyber power, can build alliances with democratic partners around the world to protect a free, open and peaceful cyberspace.”