Tech firms welcome Cyber Security Export Strategy
But experts caution against nation state hacking risks, and urge firms to get basics right
The UK government's new Cyber Security Export Strategy has been welcomed by tech industry experts who believe it will help small businesses secure contracts with overseas buyers.
The plan, published by the Department for International Trade (DIT) yesterday, sets out to support the UK's cyber security companies and small businesses as they look to grow, and make the UK a global leader in the fight against cybercrime.
There are around 800 cyber security companies in the UK, many of which are small firms, and the plans set out by the DIT will look to enable them to winppost-Brexit contracts that provide security for high profile international buyers and protect networks across the world.
DIT will work in priority territories, such as the USA, Japan, Singapore and India, to engage with governments to work on opportunities in the six sectors it identifies as key; government, financial services, automotive, energy and critical national infrastructure (CNI), healthcare and infrastructure.
Cybercrime cost businesses 29 billion in 2016
In 2016 cybercrime cost UK businesses 29 billion, the government said, and remains a big concern for both large and small companies. Rob Wilkinson, corporate security specialist at web security firm Smoothwall, believes the government is sending out the right message after some high profile attacks.
"The government's new Cyber Security Export Strategy sends out a message in no uncertain terms that security is and will remain top of the agenda," he said, pointing to growing tensions between nation states and WannaCry's ability to hit infrastructure targets like hospitals. But recent attacks like this, suspected to come from North Korea, mean the UK government must rebuild its reputation too, he argued, while smaller firms require better protection.
"SMBs are particularly easy targets for hackers; they are often part of larger companies' supply chains and so act as a direct route into those businesses with huge amounts of sensitive consumer and financial data that can be extracted," he pointed out.
"Whether a small or large business, healthcare institution or government, the advice is always the same: ensure that a layered defence is set up which spans encryption, firewalls, web filtering and ongoing threat monitoring. Papering over cracks is no longer an option."
Get the basics right
The UK's cyber security sector is fast growing and forecast to export 2.6 billion by 2021, but opening up to other less technologically-mature economies - as outlined in the strategy - presents an opportunity for hackers, digital security vendor Gemalto warned.
Data protection CTO Jason Hart said he is happy to see the UK sharing its expertise, but stresses the need for businesses to get the 'basics' right to fully protect their valuable data.
"The UK has long been a cyber security leader, so it's great to see some of this expertise being shared with other countries," he said.
"With much of our world now connected by valuable data, hackers can easily access this data unless everyone gets the basics right when it comes to security.
"Businesses need to be protecting what matters by encrypting the data at its source and restrict access via identity controls. If the UK can help other nations follow these basic security principles then we'll go some way to better protecting our valuable assets."
Cyber security bootcamps
Many of the UK's 800 cyber security companies are small startups with limited experience in exporting their products, and the government hopes to help these firms with funding and training.
Talal Rajab, head of cyber security at trade industry body TechUK, which represents many small firms, believes that the government can help SMBs flourish where they often struggle.
"The cyber export strategy published yesterday is an ambitious, programme of activity designed to help UK cyber companies find and secure export opportunities," he told IT Pro.
"With in-country support, through the work of the three cyber envoys soon to be appointed, this will particularly help cyber SMBs in their export activity.
"Coupled with the SMB bootcamps that DCMS is running, these initiatives will go a long way to helping SMBs in what is traditionally a difficult endeavour."
A promising future
The international market for cyber security is rapidly growing and global funding is forecast to exceed 759 billion on products and services over the next five years.
Julian David, TechUK CEO, is fully supportive of the strategy and is keen to work with the DIT.
"The international market for cyber security is forecast to grow rapidly over the next five years, with estimates suggesting that global spend on cyber security products and services will exceed 759bn from 2017 to 2021," he said.
"That is why TechUK wholeheartedly supports the activities announced in DIT's Cyber Export Strategy and looks forward to working with DIT in helping our world-leading UK cyber companies seek, find and secure opportunities to export abroad.
"The strategy outlines an ambitious plan to help UK cyber companies pursue priority markets, target key sectors and amplify their marketing activities when they export. This is particularly useful for cyber security SMBs, who may lack experience in exporting to certain markets and pitching to potential buyers."