UK plans ‘full spectrum’ approach to national cyber security

The government is to set out a new “full spectrum” approach to the UK’s national cyber security capabilities in this week’s Integrated Review of Security, Defence, Development and Foreign Policy, which is set to be published later this week.

In what is being described as the largest review of the UK’s defensive capabilities and national security stance since the end of the Cold War, the government will set out the importance of cyber security to the nation’s defence, ranging from cyber-enhanced battlefield capabilities for the Armed Forces, right down to internet security for home users.

The government said the proposals to be contained in the review will dramatically enhance the UK’s ability to detect, disrupt and deter enemies while taking advantage of the digital revolution. Recent attacks against the UK’s interests have shown that adversaries are also investing in their own capabilities, hence the need for a new approach, it will argue.

The new cyber strategy will create a fit-for-purpose cyber ecosystem, bringing more investment in education, partnerships with the security industry, and better integration across the defence and intelligence services, the government claimed.

“Cyber power is revolutionising the way we live our lives and fight our wars, just as air power did 100 years ago. We need to build up our cyber capability so we can grasp the opportunities it presents while ensuring those who seek to use its powers to attack us and our way of life are thwarted at every turn,” said prime minister Boris Johnson.

“Our new, full-spectrum approach to cyber will transform our ability to protect our people, promote our interests around the world and make the lives of British people better every day.”

Alongside the publication of the review, and an upcoming whitepaper, Johnson will also announce this week that the new National Cyber Force (NCF) – the creation of which was announced in November 2020 as part of a £16.5bn package of measures – will be based in the north of England at the nexus of a proposed regional cyber corridor.

The NCF draws together personnel from defence and intelligence agencies under the same umbrella for the first time, and will work on a variety of projects across the security spectrum, such as disrupting the ability of terrorist cells to communicate using mobile networks; driving serious and organised crime, including child sexual abuse, out of cyber space; and new defensive systems for UK military aircraft. It will also work alongside the UK’s new cyber security regiment, the 13^th Signals.

The government said this would drive growth and investment in the technology, digital and defence sectors outside of London, and create new partnerships between government, local tech firms and universities in the north.

The defence sector alone currently sustains around 35,000 jobs in the north west of England – including 10,000 supporting maritime design around Barrow in Cumbria, and another 12,000 in aerospace around Preston in Lancashire, where the UK is producing the fifth generation F-35 stealth aircraft. Intelligence agency GCHQ also has a Manchester base, linking in with the city’s booming digital sector.

Francis Gaffney, director of threat intelligence and response at Mimecast, lent his support to the government’s proposals. “This shows a real appetite to take action to limit the risks of cyber attacks at the highest level of the country. This will help the UK maintain its excellent cyber capabilities and provision that is capable of thwarting attacks from enemy states who wish to do is harm via satellite, mobile, or computer networks, as well as critical national infrastructure (CNI),” he said.

Gaffney said that the impact of the Covid-19 pandemic had exposed the lack of attention paid within UK organisations to cyber security practices, so hoped the inclusion of cyber at a national policy level would have a positive impact on the overall hygiene of both citizens and businesses.