Five Principles for the Next UK Cyber Strategy

This article from RUSI (no, not Russia) is worth a read in the run-up to the next 5 year plan. Here’s an extract…:

[…] WE NEED A COMPELLING RISK MANAGEMENT APPROACH TO THE GLOBALISATION OF TECHNOLOGY

Well before the pandemic, we were wrestling with security issues around our global supply chains; our dependency on other countries, particularly China, for key technology and other goods; the lack of sovereign capability in critical areas; and the challenges of foreign direct investment, especially from China.

The debate over Huawei and 5G just started to bring these issues into focus, and the pandemic has turned a new spotlight on them. But there are no easy answers. Established principles of maintaining good cyber security, diverse supply chains and resilient design apply in many technology areas. But at times they may be easier said than done.

There has rightly been a strong emphasis on building security into the design of new technology, but with so much technology developed beyond our reach and influence the reality is that much of it will be insecure by default. Debates around creating new sovereign technology in critical areas will need to be rooted in the art of the possible and will require a substantive and wide-reaching industrial strategy to have a hope of becoming reality. We need new partnerships between government, academia and the private sector to develop innovative technology, and must be prepared to take more risk in backing new ideas.

[…]

Original article here