Three key reflections from CYBERUK 2021

CYBERUK 2021, the UK government’s flagship cyber security event, drew to a close this week, concluding two days of inspiring conversations on building a resilient and prosperous digital UK after COVID-19.

By deep-diving into three subject areas of understanding future technology, building resilience and building a cyber ecosystem, this year’s event provided its global audience with insights and takeaways that will shape the discussion around cyber in 2021 and beyond.

As lead sponsor, we asked Kat Sommer, our head of public affairs, for her reflections on the event. Here’s a summary of her thoughts.

Ransomware takes centre stage

The frequency of ransomware attacks has increased significantly during COVID-19. As a tangible threat that almost everyone has encountered in the last 12 – 18 months, it is slowly emerging as the global symbol of cyber attacks, and its growing familiarity among the private and public sectors was evident during this year’s event.

On day one, the NCSC’s panel on protecting the NHS from ransomware during COVID-19 highlighted the importance of national and local collaboration in combating the threat, drawing on the impressive achievements of NCSC, NHSX and NHS Digital to date. This was followed up by a panel with the Department for Education on day two, which underlined the importance of backing up data and building resilience in the education sector.

In summary, tackling ransomware remains a priority and to mitigate the threat, it’s crucial that our actions are defined by collaboration, getting the basics right and strong policy action.

Political outcomes reach new heights

The Foreign Secretary's speech at this year’s event offered a glimpse of how the UK government will seek to define the Integrated Review's ambition for the UK as a responsible global cyber power. Although the use of offensive cyber in line with international law and continuing to drive dialogue on international norms in cyberspace are not new concepts, it’s clear that these actions are now being driven by serious strategic ambition.

The commitment to investing in cyber capabilities in regions with strategic interest to counter the influence of China and offensive nation states is also welcome as an example of how we can use the UK’s soft power globally to support our domestic ambitions.

CYBERUK 2021 also emphasised how important the NCSC has become. Praised by ministers and stakeholders from across the ecosystem alike, it is increasingly being seen as a core contributor to good cyber policy making, building on its role as a stalwart of the UK’s cyber security. This progress bodes well for the UK’s overall cyber resilience as the NCSC steps forward into its next iteration under the leadership of Lindy Cameron.

A global event for a global challenge

It’s clear that the UK will need to collaborate internationally to build a resilient and prosperous digital ecosystem after COVID-19, so it was great to see this year’s event delivered in a format that could reach audiences around the world.

It’s highly likely that CYBERUK 2021 attracted new international delegates as a result, and the live chat functions that accompanied the sessions on YouTube provided incredibly insightful contributions and a level of engagement that took the learnings and discussions from speakers to a new level.

As the NCSC broadens its mission to reach citizens, society and economy, we can all learn from this year’s event to continue making our expertise accessible to the wider world going forward.

Building a resilient and prosperous UK

Ultimately, CYBERUK 2021 proved that there is much to be done and we can never stand still, but there are many reasons to be optimistic about the resilience of the UK after COVID-19. It’s clear that cyber has become a core component of our homeland security, and collective action is needed to maintain our technological leadership and build a strategic advantage.

This collective action means drawing on everything that we have in society by diversifying our thoughts, our skills and our technology to strengthen our response to cyber threats. Trust, sharing information, transparency and collaboration with our international allies all matter too – there’s no room for duplication or competition when defending against our shared adversaries.

Finally, the basics still matter. If we all prepare, patch, understand and remediate our own vulnerabilities while avoiding single points of failure, we can all play our part in building a resilient and prosperous UK.