#InfosecurityEurope: What TechUK's New Plan Means for Cybersecurity

Written by

The next UK general election is only a year away, the next British government will have fewer resources than ever to survive the global tech race, the TechUK trade association has recently warned.

That said, the country has a solid base to build on. The tech sector’s contribution to the British economy now adds over £150bn annually, which makes it the leading tech sector in Europe – and could reach roughly £200bn per year to the economy by the mid-2020s if well supported.

TechUK believes a long-term, ambitious tech strategy is now needed to keep up with the challenges to come, including artificial intelligence (AI) and quantum races, the need to develop a greener tech sector and the fight for semiconductors.

On June 6, the association launched a UK Tech Plan which outlines 18 opportunities the UK must seize and five challenges the UK tech sector will face in the future.

Dan Morgan, senior government affairs director for Europe & APAC at SecurityScorecard, welcomed the Plan. He outlined that "a comprehensive, forward-thinking strategy is vital for the UK to stay competitive in the global technology market. As technology and digital services become more deeply embedded in our everyday lives, the need for a well-defined, strategic plan becomes even more critical.”

Gary Cox, technical director for Western Europe at DNS security provider Infoblox also praised the TechUK initiative: “A plan, any plan, for technology is good and will be an improvement on where we are today. Without improvements and advances, there would be no innovation and progress, and let’s face it, the UK economy needs a boost right now, or we risk dropping behind the world stage.”

National Database of Cyber Incidents

At least eight opportunities listed by TechUK involve cybersecurity measures. For instance, opportunity 2 – called “Make the UK one of the most trusted, safe and secure places to be online” – suggests building a national database of cyber incidents and launching a series of pilot programs seeking to improve the safe and secure use of data for research and development.

Morgan said the UK government could rely on existing cyber risk rating systems to achieve these objectives.

“Such a system can provide an objective analysis of a company's cyber risk profile, which can help identify vulnerabilities and guide remediation efforts. However, it's also important to ensure that such ratings are accurate, transparent, and don't introduce additional security vulnerabilities. Furthermore, defining what constitutes a good or bad score and what actions should be taken as a result could prove challenging,” he told Infosecurity.

Saj Huq, CCO of Plexal, will give a keynote speech on the UK cyber ecosystem during Infosecurity Europe on Tuesday, June 20. Register here.

Other propositions from TechUK’s Plan include initiatives to push law enforcement to better use technology to fight against fraud, cybercrime and online harm, modernize the NHS’ and social care services’ information systems, keep a leading role in fintech and AI, make the country a leader in quantum technologies and one of the top semiconductor producers, all while making sure proper cybersecurity measures are ensured.

The Plan also outlines actions to “plug the digital skills gap” and boost recruitment for cyber roles in the private sector and law enforcement institutions.

A Clearer Regulatory Approach

According to Morgan, the Plan is a “promising start” towards a more secure and resilient digital future for the UK.

“However, careful thought and planning will be needed to ensure the strategy is effective, balanced, and sustainable in the long term. The involvement of politicians in devising and implementing the strategy is important to ensure that the strategy has the necessary political backing and legal force, [but] it's also important that politicians work closely with experts in the tech industry to ensure that the strategy is informed by the latest technological developments and industry best practices,” he said.

TechUK deputy CEO Antony Walker shared the same vision. During a press conference, he said that the Plan was developed in coordination with large and small tech firms operating in the UK.

He also added that “the need to get tech policy right has never been greater” in the face of the global digital economy’s growing complexity, the increasing geopolitical tensions, the surge in supply chains challenges, including semiconductor shortage and supply chain cyber-attacks, and questions around the regulation of AI.

According to Simon Newman, an Advisory Council member of International Cyber Expo and CEO of the Cyber Resilience Centre for London, "This is a fantastic report by TechUK which sets out a number of wide-ranging opportunities that will drive innovation, improve skills and enable SMEs to harness the benefits from increased digitalization. These opportunities are not without challenges but show what can be achieved from championing innovation among the UK's growing tech sector."

One area where the Plan seems to contradict the current government’s approach is regulation.  According to feedback from TechUK’s nearly 1000 members, there has been much confusion from the industry about the UK strategy in regulating tech sectors, including AI and cybersecurity.

“Despite warm words from the Government on having a light touch and pro-innovation approach to regulation, the regulatory burden and cost of doing business has continued to rise. A confused approach to how we approach EU rules has emerged, in some cases resulting in the UK becoming an expensive and awkward market,” reads the Plan.

AI ethics, security regulation, filling the cyber skills gap and securing critical national infrastructure will be among the top talking points during Infosecurity Europe in London on 20-22 June. Register here.

What’s hot on Infosecurity Magazine?