Arab Press

بالشعب و للشعب
Saturday, Jul 05, 2025

Four Takeaways From the New UK Cybersecurity Strategy

Four Takeaways From the New UK Cybersecurity Strategy

Two weeks ago, with much fanfare, the United Kingdom released a new strategy that sets out UK government’s approach to improving the country’s cybersecurity over the next five years.
It follows the UK’s previous effort dating back to 2011, and allocates £1.9 billion ($2.36 billion) over five years, doubling the previous investment of £860 million ($1 billion). This newest five year plan has the usual fare. It identifies the threats and vulnerabilities facing the UK, creates three pillars using alliteration (defend, deter and develop), and is filled with government-speak that could have been ripped from The Thick of It or Veep ("we need to invest in proofing ourselves against future threats").

The threats the UK identifies are not surprising. It singles out Russian-language organized cybercrime, state-sponsored threats, terrorist groups (although it caveats that terrorist groups are likely to prefer physical attacks over digital ones for the time being), hacktivists, and oddly, script kiddies. The strategy also points out the UK’s vulnerabilities, such as the proliferation of insecure internet of things devices, poor cyber hygiene, legacy and unpatched systems, and the availability of off-the-shelf hacking resources. These threats and vulnerabilities are not unique to the UK--every country connected to the internet faces identical or similar challenges.

There are four takeaways from the new strategy.

First, there seems to be an inherent tension between market incentives to spur better cybersecurity and regulation throughout the document. There’s a heavy emphasis placed on the importance of using a mix of intelligence sharing, incentives to spur the creation of cybersecurity products like certification schemes or incentives to create software that is "secure by default," and using the government as a test case for cybersecurity approaches with the hopes that they cascade into the private sector. However, the strategy recognizes that much of these same efforts were undertaken in the previous iteration of the strategy, with somewhat limited effect. The strategy leaves the door open to regulation but doesn’t elaborate on what that could look like. There’s also no mention of the EU network and information security directive, which the UK is still technically required to implement until it formally leaves the European Union.

Second, the strategy places heavy emphasis on taking "active cyber defense" measures to protect the UK. Generally, the term active cyber defense has been synonymous with hacking back, whereby companies and other non-government actors are allowed to retaliate in cyberspace and is controversial. In its strategy, that’s not what the UK is advocating. Instead, active cyber defense is defined as a series of technical measures, taken by government in cooperation with industry (mostly communications service providers), to make it "significantly harder to attack UK internet services and users." The technical measures include DNS filtering, coordinating botnet take-downs, DMARC and other methods to curtail phishing, man-in-the-middle attacks, and Border Gateway Protocol hijacks. If you’re technically-minded, you can read more about the UK active defense approach here.

Third, the UK, like many other countries, seems to be more open about resorting to the use of offensive cyber operations to protect and defend its interests. Five years ago, countries were loathe to openly talk about offensive cyber capabilities, with many only referencing defensive capabilities in what could be gleaned from official doctrine. Now, the UK is open about the need to invest in its National Offensive Cyber Program to ensure that UK capabilities "can be deployed at a time and place" of its choosing.

The strategy also makes clear that the UK will attribute state-sponsored cyber incidents publicly when "we judge it in the national interest to do so." Unlike the United States, Germany, Canada, South Korea, and others, the UK has yet to publicly accuse a state of being behind a specific cyber incident. Perhaps the new strategy signals that UK officials will be more open to naming and shaming as part of their cyber deterrence efforts.

Fourth the strategy makes explicit the UK’s desire to develop sovereign cryptographic capabilities, "developed in the UK, by British nationals." This raises a bunch of questions. Does the UK not trust crypto advocated by its other Five Eyes partners or in standardization bodies? Is it a response to the NSA’s alleged undermining of a widely used crypto standard that came to light as a result of Edward Snowden? Is the UK trying to stimulate the development of crypto that can be decrypted by law enforcement to fix the "going dark" problem?

As with any government strategy document, its implementation will determine its effectiveness. Much of the strategy rests on developing government capabilities with the hope that the UK private sector shamelessly pilfers the best ideas and approaches. Cybersecurity is probably one of the few areas where plagiarism is celebrated, not frowned upon.
Newsletter

Related Articles

Arab Press
0:00
0:00
Close
AI Raises Alarms Over Long-Term Job Security
Russia Formally Recognizes Taliban Government in Afghanistan
Saudi Arabia Maintains Ties with Iran Despite Israel Conflict
Mediators Edge Closer to Israel-Hamas Ceasefire Agreement
Germany Seeks Taliban Deal to Deport Afghan Migrants
Emirates Airline Expands Market Share with New $20 Million Campaign
Robots Compete in Football Tournament in China Amid Injuries
China Unveils Miniature Insect-Like Surveillance Drone
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Iran Executes Alleged Israeli Spies and Arrests Hundreds Amid Post-War Crackdown
Trump Asserts Readiness for Further Strikes on Iran Amid Nuclear Tensions
Qatar Airways Clears Backlog of Passengers Following Missile Threats
Iran's Parliament Votes to Suspend Cooperation with Nuclear Watchdog
Trump Announces Upcoming US-Iran Meeting Amid Controversial Airstrikes
Trump Moves to Reshape Middle East Following Israel-Iran Conflict
NATO Leaders Endorse Plan for Increased Defence Spending
U.S. Crude Oil Prices Drop Below $65 Amid Market Volatility
“You Have 12 Hours to Flee”: Israeli Threat Campaign Targets Surviving Iranian Officials
Oman Set to Introduce Personal Income Tax, First in Gulf
Germany and Italy Under Pressure to Repatriate $245bn of Gold from US Vaults
Trump Praises Iran’s ‘Very Weak’ Response After U.S. Strikes and Presses Israel to Pursue Peace
WATCH: Israeli forces show the aftermath of a massive airstrike at Iran's Isfahan nuclear site
We have new information and breaking details to share about what is shaping up to be a historic air campaign tonight
Six Massive Bombs Dropped on Fordow; Trump: 'A Historic Moment for the U.S., Israel, and the World'
Fordow: Deeply Buried Iranian Enrichment Site in U.S.–Israel Crosshairs
United States Conducts Precision Strikes on Iran’s Nuclear Sites
US strikes Iran nuclear sites, Trump says
Pakistan to nominate Trump for Nobel Peace Prize.
Israel Confirms Assassination of Quds Force Commander in Tehran
16 Billion Login Credentials Leaked in Unprecedented Cybersecurity Breach
Senate hearing on who was 'really running' Biden White House kicks off
G7 Leaders Fail to Reach Consensus on Key Global Issues
Mass exodus in Tehran as millions try to flee following Trump’s evacuation order
Iranian Military Officers Reportedly Seek Contact with Reza Pahlavi, Signal Intent to Defect
China's Iranian Oil Imports Face Disruption Amid Escalating Middle East Tensions
Trump Demands Iran's Unconditional Surrender Amid Escalating Conflict
Israeli Airstrike Targets Iranian State TV in Central Tehran
President Trump is leaving the G7 summit early and has ordered the National Security Council to the Situation Room
Netanyahu Signals Potential Regime Change in Iran
Analysts Warn Iran May Resort to Unconventional Warfare
Iranian Regime Faces Existential Threat Amid Conflict
Energy Infrastructure Becomes War Zone in Middle East
Iran Conducts Ballistic Missile Launches Amid Heightened Tensions with Israel
Iran Signals Openness to Nuclear Negotiations Amid Ongoing Regional Tensions
Shock Within Iran’s Leadership: Khamenei’s Failed Plan to Launch 1,000 Missiles Against Israel
UK Deploys Jets to Middle East Amid Rising Tensions
Exiled Iranian Prince Reza Pahlavi Urges Overthrow of Khamenei Regime
Wreck of $17 Billion San José Galleon Identified Off Colombia After 300 Years
Iran Launches Extensive Missile Attack on Israel Following Israeli Strikes on Nuclear Sites
Israel Issues Ultimatum to Iran Over Potential Retaliation and Nuclear Facilities
×