UK lawmakers have called on the government to enshrine in law a new approach to economic security, citing a growing menace to the country from cyber and other threats.
The House of Commons Business and Trade Committee issued the call as it published a new report yesterday: Toward a new doctrine for economic security.
“Britain is now hugely exposed to the risks of economic warfare and bluntly, our current defenses are not fit for the future,” argued committee chair, Liam Byrne.
“As a mid-sized, open economy, we are uniquely exposed – ever more reliant on foreign capital, foreign technology and foreign ownership of critical assets. Yet the risks we face are set to get worse in the years to come as foreign investment grows, AI lowers the cost of cyber-aggression and hostile actors become more brazen.”
Read more on threats to UK’s economy: JLR Hack UK's Costliest Ever, Hitting Economy with £1.9bn Loss
The report cited 10 threats to the UK’s economic security, with “cyber” mentioned over 100 times – particularly with reference to attacks on critical national infrastructure (CNI), private companies and institutions.
“Economic security cannot be achieved without cybersecurity. The spate of cyber-attacks in 2025 has underlined their potential to devastate not just targeted companies, but consumers and wider supply chains,” the report argued.
“We welcome the steps being taken to build the UK’s cyber resilience, but these efforts need to be redoubled in light of recent events.”
Recommendations From the Committee
Among other things, the committee recommended the government:
- Introduce legislation to mandate the requirements in its voluntary Software Security Code of Practice and empower enforcement agencies to monitor for compliance
- Allow businesses to claim tax relief on IT services that directly enhance operational resilience, including “cybersecurity software, legacy system upgrades, business continuity platforms and data protection solutions”
- Consults on proposals for a mandatory cyber-incident reporting regime
Katharina Sommer, group head of government affairs and analyst relations at NCC Group, was quizzed by the committee. She positioned the report as a “clarion call” for government to get more strategic about its economic security, especially as the scale and complexity of cyber-threats, and the attack surface, continue to grow.
“Measures such as the Software Security Code of Practice will help incentivize software developers and buyers to prioritize secure-by-design principles from the outset. The proposed SME Resilience Fund and a move towards mandatory incident reporting are vital steps to ensure organizations of every size strengthen their defenses,” she argued.
“Diagnosing what threats the UK is facing across both public and private sectors is critical to building a joined-up approach towards economic security. More mature private sector partners, regardless of their industry, can act as a bridge between the government and other firms, translating raw insights into actionable intelligence for a less mature organization.”