Budget 2016: What about cybersecurity spending?

George Osborne
Opinion
16 Mar, 2016

George Osborne's failure to explain how cyber budget will be spent was a missed opportunity

Anyone hopeful that IT would get more than a passing nod in today's Budget 2016 speech will be hugely disappointed.

While we at IT Pro had hedged our bets on Chancellor of the Exchequer, George Osborne, expanding on his cybersecurity spending spree speech from the end of last year, the only mentions of "delivering security" and "a cocktail of risk" referred to economic stability.

This stands in stark contrast to November last year, when he uttered the word 'cyber' a staggering 134 times in a 45-minute speech - there wasn't even a solitary mention in the 2016 budget delivery.

Having sat through the entire hour and a boring bit of it, we were convinced that IT security would surely feature at some point. But no, nothing; a whole lot of nothing.

Given that Osborne plans, or at least we assume he still plans, to double cybersecurity spending to £1.9 billion over the next five years, this lack of any further detail was quite incredible. When will we find out exactly where the money will go? When will we discover if it is money wisely spent? This silence does not bode well.

Considering Osborne's own admission that the cyber workforce gap could hit 1.5 million by 2020, to not address this is surprising. If his plans to boost cybersecurity are to bear any fruit, this must be at the very core (pardon the pun) of his strategy.

With the Investigatory Powers Bill remaining at the centre of a wider debate about privacy, and the IT security industry's contention this week that it's not fit for purpose, you might expect a mention on cybersecurity today. You'd be forgiven for thinking the budget might have provided a decent opportunity to forward the notion of this government as defenders of our corporate data, rather than snoopers of our secrets.

But no, nada, niet, nowt.

Arguing that the budget is about making new announcements rather than repeating old ones does not wash with us. After all, most of the announcements made had already been leaked to the media or were, indeed, older commitments repeated once again.

The government must start taking the concerns around the Snooper's Charter and its strategic cybersecurity planning seriously by addressing these directly and in detail. It needs to define where the money will be spent, again in detail rather than in media-friendly soundbites.

We need to see that this government understands the need for a secure-by-default approach to data, to infrastructure and process.