Cybersecurity in Post-Brexit Britain

16 January 2018
Risc News

Negotiations for Brexit are well and truly underway; the Government’s ‘Brexit team’ have now had their sixth meeting with their EU counterparts. Progress is certainly expected to be slow however, with a five-year timeframe being anticipated rather than the original two-year one. Regardless of whether you voted remain, leave, or not at all, we can all agree on one thing – there’s going to be a huge amount of change. 

With a rollercoaster on the horizon, we can’t help but wonder what UK cybersecurity will be like post-Brexit. Will there be a decrease in cyberattacks? Will post-Brexit Britain be as secure?

Firstly, from a talent pool perspective there are concerns within the industry. A poll of the London Tech Advocates, a group of 4000 experts at the centre of the UK’s technology sector, was overwhelmingly opposed to Brexit stating that it would be harder to employ talent from abroad. Being experts in their field, that’s not an opinion to be ignored.

One could argue that IT companies don’t need to hire from abroad because there’s plenty of talent here in the UK. Whilst this is a valid point, another concern regards education. More than a third of UK Universities’ research funding is from the EU. Removing this will have a big impact on our universities, and might leave them in a position where they’re unable to sculpt the highly-skilled tech talent that’s needed. This is more of a long-term worry and one that we might not see the effects of for many years, but a valid concern no less.

Another concern is a diminishing share of cyber threat intelligence as Britain currently works very closely with EU countries - after all the WannaCry attack that spread throughout Europe earlier this year was endured and dealt with together. Having said that, we mustn’t ignore the fact that the UK is a leader in cybersecurity; the EU will most likely need us as much as we need them and therefore it will be in both our interests to continue a joint working relationship.

Finally regarding compliance, there’s understandably plenty of concern about GDPR. Our current data protection act was created in 1998 and given the evolution of social media, handheld technology and reliance of online data, it’s frankly long overdue an update.

There seems to be frustration and a lack of impetus from many UK businesses in taking the first steps to comply to GDPR, claiming uncertainty into what will happen when we leave. However, recent announcements from Elizabeth Denham, information commissioner at the ICO, have destroyed this myth stating that regardless of what happens post Brexit, the UK will have to fall in line with the regulative stance of GDPR. From a cybersecurity perspective this makes the most sense and works in the best interest of everybody.

Although compliance is relatively straight forward it’s undoubtedly time consuming. The good news is that there are services to handhold you though the necessary steps – see below. With the May deadline looming we just hope businesses don’t leave it too late. Ultimately, we don’t know what a post-Brexit cybersecure Britain will look like until it happens. If nothing else, it’s clear that the responsibility for cybersecurity will lie equally between government and business owners. We need to make sure that we have solutions in place to protect our businesses.