Government has a key role here, to prime the pump for security innovation…:
[…] Published in 2016, the government’s National Cyber Security Strategy set out a five-year plan, the ongoing implementation of which is split into three tracks: Defend; Deter; and Develop.
Also presenting at the techUK event was Andrew Elliot, deputy director of cyber and digital identity at the Department for Digital, Culture, Media and Sport. He said that his department is focused on the ‘develop’ strand of the strategy rollout.
Within this, DCMS has three core objectives, he said.
“Number one is we want to have the skills and capability to meet a growing demand,” Elliot said. “We are also trying to move the responsibility for being secure from the user to the manufacturer – we want to make the internet of things secure by default. Thirdly, we want all organisations to have access to the best security products and services that they need.”
Elliot pointed to two accelerator programmes for cybersecurity start-ups as examples of programmes that demonstrate the role government can play in instigating innovation.
The London Office for Rapid Cybersecurity Advancement (Lorca), which is funded by DCMS, is now recruiting for its fourth cohort of SME companies. Firms that took part in the first three have raised a cumulative total of £58m in investment, Elliot said.
Meanwhile, the Cyber Accelerator programme, run by the NCSC from the Cheltenham headquarters of its parent agency GHCQ, is already working with its fourth cohort of start-ups. The 23 companies to take part in the first three cohorts have attracted backing totalling £35m.
While these figures appear impressive, Elliot stressed that government was still working to ascertain whether “we made sustainable interventions – or have we just created a flash in the pan?”.
“We do not have all the answers yet,” he said. “What is the core role of governments in this space?”
“Government has great convening power… We have various levers – and those levers do not always require funding large programmes”
Andrew Elliot, DCMS
Government’s ability to help organisations work together to the benefit of the UK’s security is evidenced by the growing number of cybersecurity “clusters” across the UK, Elliot said. There are now 24 such clusters around the country, each of which contains a group of cybersecurity SMEs that wish to collaborate with one another.
Another example cited by the DCMS cyber chief of how government can serve as an assembler is the creation of the UK Cyber Security Council. Whitehall funding of up to £2.5m is available to establish the council, which will be dedicated to furthering the cybersecurity profession across the UK and growing the skills. Government is currently working to choose a lead organisation to deliver the council.
“Government has great convening power – we help people make connections,” Elliot said. “We have various levers – and those levers do not always require funding large programmes.”