The UK’s Cyber Strategy 2022: The 5 Pillars

The UK’s Cyber Strategy 2022: The 5 Pillars

This past year has seen ruthless cyber attacks on individuals, businesses and nation-states. Colonial Pipeline, Ireland’s Health Service Executive (HSE), JBS, and Florida’s Water Supply are just some examples of gaps in securing critical infrastructure.

It’s time for governments to be drivers of change and take steps to counter growing threats.

The United Kingdom is one of the world’s most digitally advanced nations and this past week, it took steps to further enhance its future position. A new National Cyber Strategy was announced to ensure national resilience and help protect against ransomware and other cyber attacks.

The review outlines five key outcomes they’re setting out to achieve by 2025:

  • Pillar 1: Strengthening the UK cyber ecosystem. The UK government has already set many initiatives to increase the cyber workforce and inspire new talent. It will continue investing in developing skills and deepening partnerships between academia and industry.
  • Pillar 2: Building a resilient and prosperous digital UK. By improving our understanding of cyber risk, we can drive more effective action. This will help reduce the number of successful cyber attacks and the damage if they materialize but also provide greater protection to citizens and their data.
  • Pillar 3: Taking the lead in the technologies. The UK government recognises the need to harness science and transformative technology in order to gain a strategic advantage. To mitigate the most significant risks (including the threat from adversaries) and secure infrastructure, we must improve our ability to anticipate, assess and act on cyber attacks.
  • Pillar 4: Advancing UK global influence. Strengthening cyber capabilities will make the UK one of the most attractive economies to do business with and invest in. As such, they plan to commission cyber expertise to boost international prosperity and promote our foreign policy. This will help shape global governance and increase collective action on the global stage.
  • Pillar 5: Detecting, disrupting and deterring our adversaries. The UK plans to deter criminals and other malicious cyber actors to protect its interests and its citizens.

The main factor that runs through all these pillars is resilience. And the best way to do that? Understand the risks and key threat actors proactively – only then, can you take appropriate action. While this is applicable on a national level, there is no reason why organisations shouldn’t follow these principles to build resilience too. 

By combining risk quantification, threat intelligence and SOAR capabilities (what we refer to as the Risk, Threat, Response or RTR, for short), organizations can move their cybersecurity programs from good to great. While each capability is a necessity for any modern cybersecurity program, their fusion reduces complexity to help make decision-making easy, unites processes and technology, and continually drives down risk to help you strengthen your defenses.

ThreatConnect is on a mission to transform how businesses tackle cyber security. We help organizations align their entire security cycle to provide resilience and enable agility. While most vendors focus on providing risk management capabilities, threat intelligence or response capabilities, we recognise the power of combining these forces to drive risk and threat, together with automated response. Our risk-threat-response model has helped our customers keep pace with the evolving landscape and we are proud to be the only vendor that brings this to market.

Let’s continue the conversation around cybersecurity and progress with the ever-changing cyber environment. We have a responsibility towards our cyber effort and it’s imperative to prioritize and implement a long-lasting and effective strategy. Contact us to learn how you can build resilience in 2022 and beyond.

Sawsan Hamawandy
About the Author
Sawsan Hamawandy

Sawsan is the EMEA Demand Generation Manager at ThreatConnect. Her interest in cyber risk management has led her to speak and write about how organizations can future-proof their strategies using insights gained first-hand from clients, prospects and partners. She began her career in cybersecurity at an MSSP in London then transitioned to a GRC vendor - where she helped large organizations including United Nations, Telkom SA and MOD.

Share

Subscribe