Driving the UK's digital economy with the National Cyber Security Strategy

Sonya Mathieu at Dell Technologies explains the importance of the UK’s National Cyber Security Strategy to the British business community

Resilience is the key to the UK’s economy. Our digital economy has made great strides in recent years. Meanwhile, cyber attacks are more and more frequent. The UK Government’s National Cyber Security Strategy seeks to underpin our digital future with resilience.

Now more than ever, it is when not if organisations will face cyber attacks. So the focus on resilience and recovery is timely and needed.

The cyber crime reality remains stark. As an industry, it would represent the world’s third-largest economy. We can attribute the magnitude of the challenge to the convergence of three fundamental dynamics.  

Firstly, businesses increasingly use data-heavy emerging technologies across an ever more diverse and distributed landscape. Of course, this evolution is a natural step through the data era and beyond the 4^th Industrial Revolution.

Combined with this is the impact of a pandemic and a fundamental shift towards ’working from anywhere’ business models. As a result we’re witnessing the exacerbation of existing vulnerabilities. The ultimate consequence is increased use of unsecured connections and ransomware and malware attacks.

As public and private sector entities settle into more established and formalised hybrid working models, three key insights will help us drive the UK’s digital economy further, in line with the National Cyber Security Strategy.

1. Cyber security is all about people

 To build top-of-the-line cyber security, you need to consider people. All good tech needs to consider human behaviour and adapt to it – not the other way around. For example, 45% of data breaches in the UK occur due to phishing.

This can be combatted by using AI to watch out for unusual behaviour and spot relevant changes to patterns, detecting potential phishing attacks. Gaining insight from these behaviours will help better tailor future cyber solutions around humans.

Businesses need to arm their employees with the right knowledge and an understanding that they can help thwart cyber criminals if they follow security requirements.

But we cannot purely rely on training and education. Businesses must make that behaviour the default through the deployment of intrinsically secure technologies and technology processes.

For example, Intrinsic Security is a strategy that delivers innovative security controls to prevent, detect and respond to threats. Instead of trusting specific devices or IP addresses, it forces all users and devices to authenticate themselves when accessing sensitive data and applications which help to prevent bad actors breaching our critical infrastructure and reduce the number of cyber attacks.

Cyber security affects everyone, and all humans need to be not only considered but represented in the industry. Figures show a rise of women in the UK cyber sector – around 36% in a 2021 NCSC report, 5% up on the previous year – and that the percentage of employees from ethnic minority backgrounds and with disabilities are broadly in line with the general population.

Yet there are still inclusion challenges with more than double the number of women than men, and 40% of black employees compared to 24% of white, stating they have faced barriers to career progression. We need to ensure career pathways into the cyber industry are easily accessible.

This is a challenge neither the private nor public sector can solve alone. We have to work together.

At its heart, levelling up is about expanding opportunities so that everyone, everywhere can actively participate in the UK’s digital economy. We have an opportunity to invest in building the workforce of the future, enabling digital Britain to flourish and empowering everyone with a role in the future economy.

Done right, levelling up the UK’s technology infrastructure will expand who and where we look to for talent in Britain’s growing sectors. The National Cyber Security Strategy commits to facilitating better integration between regional cyber networks across the UK.

2. We need more international cooperation

We are deeply integrated into organisations in both the UK and globally, helping to build secure infrastructure, so we know that work is happening already in this space and we must strive for even greater unity as many regions fracture or nations turn inwards.

Staying ahead of the cyber challenges of today and tomorrow requires more than one-country solutions. Cyber criminals know no borders, and so the solution must match the threat. As UK organisations bolster their defences, regulatory spheres are potentially diverging.

Multi-national corporations operating in competing political environments must align with each country’s privacy expectations and regulations. Internationally-relevant cooperation can help keep us safe with privacy and security underpinning values.

Legislators can identify new and emerging threats by cooperating with international partners and responding with the required regulation. We must work with international partners to ensure that increased global data access and flows do not increase the UK’s security risks.

The values of openness and democracy are generally placed in the highest regard and this includes pursuing a responsible, democratic approach to cyber power. To cite the UK Cyber Security Strategy, a world where open societies and economies can flourish, is the best guarantor of our future prosperity, sovereignty, and security.

3. Cyber alignment boosts resilience

We’re in a world where we need to move from prevention to resilience. There are considerable benefits for the UK to grasp by being more cyber resilient. Moving our economy towards one of preparedness and agile recovery is the key to creating a genuinely future-facing economy, particularly given the global rise in cyber attacks. 

Recently, I had the privilege of being part of an event at Kings College which brought together leaders from academia, Members of Parliament, Government officials and leaders from financial services for a discussion on how we can come together to protect the nation’s data. We agreed that building walls is not the answer. Instead, we need to assume that we won’t be prepared for what is to come, assume that bad actors will find a way to get in, and have a plan for recovery.

For that to happen, we need the public sector to take a more hands-on role and for businesses to support the Government’s agenda. By aligning with Government strategy, organisations will have more freedom to innovate, with tech solutions that balance security needs with space for creativity.

It’s not just a question of a tandem approach between the public and private sectors. It will take a shift of mindset and practice for all of us – public and private sectors, non-profits, households and individuals – to recognise each other’s societal worth in the fabric of the UK’s collective cyber resiliency.

Anchored in the levelling-up agenda and supporting the Government’s ten tech priorities, the National Cyber Security Strategy envisions a prosperous digital economy by 2030 – in which innovation is fuelled by confidence in our growing cyber capabilities.

Only when cooperative preparedness and embracing the move to resilience becomes a fundamental part of what we all do will we pave the way for true innovation and flourishing economic growth.

Sonya Mathieu is Director, Data Protection and Cyber Resilience, UK at Dell Technologies

Main image courtesy of iStockPhoto.com