How is the UK responding to the cyber challenges in today’s global landscape? In this guest blog, Dr Henry Pearson, the UK’s Cyber Security Ambassador, talks priorities, plans and progress

There are many benefits of being so digitally connected but these must be balanced by increased risks from cyber threats. In the UK, latest data shows that 46% of businesses, large or small, experienced a cyber-attack or breach in the last year. Of course this isn’t unique to the UK alone but we’re also only counting companies which managed to detect a breach.
Challenges
The cyber threat is evolving fast and becoming technically more complex – the boundaries between state organised attacks and cyber criminals are becoming increasingly blurred. To counter this threat we must be increasingly adaptable. More importantly, international collaboration is ever more crucial in helping us overcome these evolving challenges.
The pandemic has exacerbated cyber security issues, both because of the wider adoption of the technology needed to work from home, as well as a rise in opportunistic cyber criminality and state actors targeting organisations involved in coronavirus vaccine development.
We also expect that in a post-lockdown world there will be ever greater reliance on cyberspace. The level and size of this shift to an online world is still to be assessed. But there are already trends emerging from sectors such as healthcare, which are reporting digital transformations taking just two months to complete, when they had previously been planned to take place over the next 10 years.
The UK way
At the national level we have had the benefit of successive governments that have recognised the critical importance of cyber security, and this has been consistently highlighted in policy statements.
This has allowed us to take a top-down strategic approach, by which I mean that we don’t just have a series of paper strategies but back them up with properly funded five year strategic plans. For example, over the past 10 years we have invested more than £2 billion in transformational cyber security projects.
We’ve also taken a whole of government approach – many departments have had a part to play in delivering aspects of the overall strategy. But within that we needed to have a clear operational and technical lead – a single central body for cyber security at the national level and that came with the establishment of the UK’s National Cyber Security Centre (NCSC).
Its responsibilities have been carefully honed to the UK environment and the reasons for its position within government is now a relatively well understood story. But it’s not a case that one size fits all – the most effective structure depends on how each country is run and to some extent their culture.
At the same time, partnership is needed between government and industry. Government certainly cannot do everything but over the years we have learnt where it must take a lead – such as in our Active Cyber Defence programme. The benefits of the UK’s strategic approach can be seen in how the NCSC has been able to respond to the new threats posed by the pandemic. Over the past eight or nine months much of the activity has been focused around defending the UK from coronavirus threats – including elements such as building NHS resilience, protecting vaccine and medicine research, supporting remote working and tackling cyber-crime, securing the NHS Covid-19 App and supporting essential service providers.
Going global
We all know that cyber threats don’t respect national boundaries. As such, the UK relies on close collaboration with international partners. But not all countries have the same view as us and our allies on how the internet should be governed and this is an ongoing debate which will continue over the next few years.
Another key ask for our international partners is to share knowledge about threats, vulnerabilities and technology development – the depth of sharing depends on the depth of the relationship but we want to share information with as broad a range of countries as possible.
We’ve also worked on a government-to-government basis with our allies, using mechanisms such as Memorandums of Understanding to increase collaboration on cyber security. We also see exporting our cyber security services, systems and products as a key way we can support our friends and allies – recent data on defence and security exports shows that the UK’s cyber security exports jumped to nearly £4 billion in 2019.
We cannot underestimate the global scale of the cyber threats we face. Collaboration then, both here in the UK and with our friends and allies abroad, offers the best and perhaps only way to face down these challenges.
About the author
Dr Henry Pearson is the UK’s Cyber Security Ambassador

Explore more content from our Global Executive Client Forum
Opportunities and challenges associated with Cyber Defence, Digital Transformation and supporting the National Security Mission
Find out more
Recommended reading:
- Staying ahead in the cyber arms race. With many countries focusing on developing offensive cyber capability, Dr Mary Haigh examines what needs to be done to stay ahead of adversaries
- Stepping up on Cyber Defence. Christine Maxwell is a woman on a mission – a cyber mission. She tells Mivy James about overseeing the ever evolving challenge of Cyber Defence and Risk at the UK’s Ministry of Defence
- The Cyber Threat: before, during and after lockdown. No sector of society has proved immune to the spiralling effect of Covid-19 – and that includes cyber security. With the kaleidoscope shaken and pieces still in flux, Adrian Nish examines its impact so far
- Strength in numbers: forming federations in cyber defence. Federations of Security Operations Centres can deliver a step-change in cyber security, says Chris Holt. He explores how to turn barrier into breakthrough
- A year of transformation. No one will ever forget 2020. Here, Julian Cracknell reflects on the disruption, treats and innovation which have shaped the year gone by
- Mapping the cyber impact of Covid-19. The Covid-19 pandemic has uprooted all our lives but what about its national cyber and policy implications? RUSI’s Rebecca Lucas examines its impact so far