We can no longer avoid the digital revolution—it confronts us every time we shop, contact friends, check the time, ask for directions or perform countless other everyday tasks. Digital technology has fully embedded itself in our lives.
Making the most of it means building an environment that rewards innovation, backs people to take risks in starting a business, and helps business to grow. A strong environment for enterprise means tackling the new challenges that come with new technology, and developing new protections. After all, our world-leading digital economy makes us a target for cyber criminals, hacktivists and hostile state actors.
We are all responsible for cyber-security—and must all do our bit. But there is a crucial role for government too—in helping to set standards and tackle threats that can’t be tackled alone. Many of the attacks we face, we face together. So our cyber defences are stronger together too. It is vital we work across government, in close collaboration with industry, academia and international partners, to defend against attacks.
Let’s take an example. While “smart cars” already offer drivers access to maps, information and digital services from the driving seat, automated vehicles will soon become a common sight on British roads. Some fear that would-be hackers could target smart vehicles to access personal data, steal cars that use keyless entry, or even take control of the technology for malicious reasons. While we must always welcome the new technology that makes our lives better, we need to be clear-eyed about tackling all the risks.
In the case of smart cars, we’ve developed eight principles as guidance for the automotive industry. Engineers developing smart vehicles will have to toughen up cyber protections to protect against hacking and maintain digital security from the early stages of design and manufacture through to the very end of the production process.
Giving people the ability to protect themselves is crucial. As the digital revolution sweeps all parts of our economy, so our response must be comprehensive. The Queen recently opened our new National Cyber Security Centre (NCSC), bringing together some of the most gifted public servants in our country along with business leaders and academia to ensure that we stay ahead of this fight. The NCSC is part of a £1.9bn strategy—we have the funding to back up the political will.
As I travel the world, other governments ask me how we’re getting this right and many are looking at replicating the UK model, which directs expertise to protect the public and the private sectors, and assists in responding to major cyber incidents. The NCSC can talk in plain English too, as we have seen with the Cyber Essentials scheme which sets out in layman’s terms what even the smallest business should do to keep itself and its customers secure.
Government has a special responsibility to protect our essential services. So we’ve increased the incentives for critical infrastructure such as energy and transport to put protections in place, with bigger fines for poor practice. And we are working to ensure that both government and private services are “secure by default”—reducing the burden on consumers to protect their own devices. The Active Cyber Defence system is helping to make the UK the hardest target for potential antagonists.
Some of these steps will require changes to the law. So the new Data Protection Bill will bring in cutting-edge data security standards, with stronger requirements for organisations to report breaches in the security systems that protect their data.
But legislation alone won’t fix this. Over a generation we must stay ahead of adversaries. Britain needs far more cyber specialists, both in government, and in our burgeoning cyber-security businesses. These jobs pay well, and have a strong mission. To future-proof us against risks we can’t yet anticipate, we have extracurricular clubs, support for degrees, and cyber apprenticeships.
Ultimately, all this is in support of a bigger prize. To make sure Britain can prosper—safely and securely—in the coming digital world. It’s an exciting moment. And one we must get right, if we are to succeed in the decades to come.