Brexit and Cybersecurity

The UK will either somehow have to re-negotiate access to these systems, or somehow quickly and securely duplicate them and their content on UK soil. To do so, we will have to navigate the EU’s labyrinthine data protection laws and sharing agreements to access relevant data.


If the UK government can find a way to prevent these and other IT projects running into problems during development, there’s still the problem of cybercrime and cyberwarfare. Luckily, there’s a strategy covering this.

In November 2016, the government launched its National Cyber Security Strategy. Tucked in amongst areas covering online business and national defence, section 5.3 covers protecting government systems. This acknowledges that government networks are complex, and contain systems that are badly in need of modernisation. It asserts that in future there will be, “no unmanaged risks from legacy systems and unsupported software”.

The recent NHS WannaCry crisis was probably caused by someone unknowingly detonating an infected email attachment. The Strategy recognises that most attacks have a human element. It says the government will “ensure that everyone who works in government has a sound awareness of cyber risk”. Specifically, the Strategy says that health and care systems pose unique threats to national security due to the sector employing 1.6 million people in 40,000 organisations.

The problem is, the current Prime Minister called a snap General Election in May, potentially throwing the future of the Strategy into doubt. If the Conservatives maintain power, there’s likely to be a cabinet reshuffle, with an attendant shift in priorities and funding.

This is a Security Bloggers Network syndicated blog post authored by Jon Thompson. Read the original post at: SPECIAL EDITION