The Channel has given a mixed response to government’s new investment plans for the cybersecurity sector.
Government has announced its New Cyber Growth Action Plan to provide a boost to jobs and innovation, growing the UK’s £13.2 billion cyber sector, as part of its Plan for Change.
It has pledged to use up to £16 million in new funding to turn innovation into new business and boost cyber startups.
Under the new plans, cyber experts from defence and big tech are also set to advise government on public sector cybersecurity, amid growing threats.
Dominic Trott, director of strategy and alliances UK, Orange Cyberdefense, welcomed the increased investment in the sector, which, he said, has been long overdue. He added that he hoped this was only the start of a wider program of initiatives.
“The Cyber Growth Action Plan’s emphasis on investing in the UK’s academic cyber sector to foster the creation of commercial companies represents a hugely welcome investment in grassroots cyber in the UK,” said Trott. “Similarly, the additional investment in cyber startups and SMEs to strengthen the UK’s wider cyber ecosystem is also tremendously encouraging.
“The UK is the largest cybersecurity market in Europe, and this boost to innovation and jobs will drive further growth. However, while these commitments are welcome, we hope that these are just the start of a broader programme of initiatives. The market would react positively to additional investment that could genuinely support the transfer of – for example - R&D insights from public agencies such as GCHQ to energise the UK cyber sector.”
Trott also called for further clarity from government on the upcoming Cyber Security and Resilience Bill. He said that it could provide the necessary impetus for boards and directors to take cybersecurity more seriously.
“The specifics of the Bill remain relatively unknown, but a dual approach of supporting cyber innovation from the ground up through funding, while applying pressure and holding the C-suite accountable, would be a welcome development,” said Trott. “This should instil confidence in that the UK can keep pace with the legislative roadmap in the EU, while fostering best-in-class cybersecurity innovation in the UK market.”
Graeme Stewart, head of public sector at Check Point Software, said that while the plans had good intentions, he hoped the upcoming cybersecurity review will be the key turning point for the sector. He also called for the National Cyber Security Centre or another regulatory body to take on a more formal role.
"What really surprised me was the makeup of the advisory board,” said Stewart. “There are plenty of big organisations represented, but no specialist cybersecurity firms are included. The absence of any dedicated cybersecurity specialists is a striking omission. It’s also worth pointing out that while there is public sector representation on the board, it’s almost entirely from academia. That does have value, and I absolutely recognise the importance of academic input, but it’s not the same as having practitioners from the frontline of the public sector.
"There’s no one from the NHS, local authorities or central government departments. That’s a concern because when organisations like the NHS or local councils are hit, the impact is felt across society. We need voices from the operational side of the public sector in the room. Without that, you risk ending up with a report that’s well-meaning but lacking the real-world insight needed to make meaningful progress."