Major businesses including Google and Microsoft are backing the UK to become a world leader in tackling the most damaging cyber security threats.

  • almost £190 million worth of industry and government Industrial Strategy co-investment in ‘designing out’ some of the most damaging cyber security threats faced by the UK
  • new expected investment by industry, including from Microsoft and Google, will benefit businesses and consumers alike, with increased security built into digital devices and online services
  • plans will ensure UK leads the global cyber security market, predicted to be worth £39 billion in a decade

Major businesses including Google and Microsoft are backing the UK to become a world leader in tackling the most damaging cyber security threats, helping to ensure the UK remains one of the safest places to do business online, Business Secretary Greg Clark announced today (Monday 22 July 2019).

Up to £117 million expected private industry investment will be combined with £70 million government investment through its modern Industrial Strategy to develop new technologies. These will range from a new and secure hardware prototype that can cope with cyber-attacks, to software protected from new vulnerabilities appearing online – each to ensure that every UK organisation and consumer online is as secure and resilient to cyber threats as possible.

With cyber threats constantly evolving, the best defence in the future is seen as developing innovative solutions that can work independently and protect against threats even during attacks. The government wants to ensure that every UK organisation is as cyber secure and resilient as possible.

Nearly all UK businesses are reliant on digital technology and online services, yet more than 30% have experienced a cyber-security breach or attack in the last 12 months. Hackable home wifi routers can be used by attackers in botnets to attack major services and businesses.

Consumers are often the worst affected by mass information leaks than the organisation that held their data. Businesses are having to spend increasing amounts on cyber security, up to 20 to 40% of their IT spend in some cases. And as more and more systems are connected, whether in the home or businesses, there is a need for security that is secure by design.

Business Secretary Greg Clark said:

Digital devices and online services are powering more of our daily lives than ever before, from booking a doctors’ appointment to buying online shopping. While these devices and services bring great benefits to businesses and consumers, they come with the associated risks of cyber-attacks and threats that are becoming increasingly complex to tackle.

As we move to a more data-driven economy, nearly all UK businesses and organisations are reliant on these digital technologies and online services – but the threat of cyber-attacks is ever-present, with more than 30% of businesses having experienced a cyber-security breach or attack in the last 12 months.

With government and industry investing together as part of our modern Industrial Strategy, we will ensure that the UK is well placed to capitalise on our status as one of the world leaders in cyber security by ‘designing in’ innovative measures into our technology that protect us from cyber threats. This will also help us bring down the growing cybersecurity costs to businesses.

This expected joint investment will create projects to develop new solutions to cyber security over the next 5 years, with the aim of applying the findings in real-world markets through dedicated demo-projects led by business. For example, these demo projects could include testing the new technology in the health sector to ensure a higher level of protection for patient data, or in consumer markets to ensure consumers’ personal data is fully protected as far as possible.

Ann Johnson, Corporate Vice President, Cybersecurity Solutions Group at Microsoft said:

At Microsoft, we embrace our responsibility to help empower organisations on their digital transformation journey to unlock the security and compliance capabilities of the intelligent cloud and next generation AI.

We support the vision behind the Digital Security by Design Initiative that helps bring digital security by design into the central hardware of tomorrows computers and have committed financial resources to collaborate across these exciting new proposed activities.

Ben Laurie, Head of Security and Transparency at Google said:

At Google we place a high priority on the security of data and believe that the proposed Digital Security by Design initiative is vital to bridge the gap between the realities of the hardware development cycle and those of commercial software companies.

We need proven hardware architectural changes that permit the secure and efficient separation of data so we can provide the user control of data in distributed systems, a problem thought otherwise impractical to address. We will commit significant resources to this program, the results of which will be open source and available to the whole industry.

UK Research and Innovation Chief Executive, Professor Sir Mark Walport said:

As our use of internet connected devices has rapidly increased, so too has our vulnerability to broader and more sophisticated cyber threats. This challenge will drive changes in the UK’s digital computing infrastructure to enhance cybersecurity for businesses, government and citizens. It will help make the UK a market leader in delivering digitally secure products and services.

Interim Challenge Director at UK Research and Innovation, Professor John Goodacre said:

In the next 5 years this challenge will radically update the foundation of the insecure digital computing infrastructure that underpins the entire economy, therefore increasing cyber security for businesses, government and across society. It will boost productivity for the UK via reduction of days lost to cyber-attacks while helping to make the UK market leaders in delivering the first digitally secured products and services

Dr Ian Levy, National Cyber Security Centre’s Technical Director said:

The National Cyber Security Centre is committed to improving security from the ground up, and we have been working closely with government to promote adoption of technology and practices to protect the UK.

We hope this additional investment will drive fundamental changes to products we use every day. This is vital work, because improving hardware can eradicate a wide range of vulnerabilities that cause significant harm.

Developing innovative solutions to cyber security will help put the UK at the forefront of the AI and data revolution, in support of the government’s AI and Data Grand Challenge.

Details on the upcoming rounds of funding for this Digital Security by Design challenge, which will likely bring together academics, research institutions, start-ups, SMEs and large businesses, will be announced later this year.

Notes to editors

The £70 million of government funding Digital Security by Design challenge will be delivered by UK Research and Innovation through the Industrial Strategy Challenge Fund.

The UK government is fully committed to defending against cyber threats and address the cyber skills gap to develop and grow talent. A 5-year National Cyber Security Strategy (NCSS) was announced in November 2016, supported by £1.9 billion of transformational investment.

The World Economic Forum Risks Report 2018 lists data fraud/theft and cyber-attacks as a key global risk.

Published 22 July 2019