Cybersecurity

UK Cybersecurity - challenges faced in the pursuit of development post-Brexit

by Ranine Awwad
May 21, 2020

Reading time: 4 min

UK Cybersecurity - challenges faced in the pursuit of development post-Brexit

Since leaving the EU officially, on the 1st of February 2020, it has become increasingly important for the UK to ensure that a number of practical issues related to technology, data and networks are being addressed to safeguard the infrastructure from emerging Cybersecurity threats.

According to Carbon Black, 88% of UK companies have suffered from data breaches since last year. However, data breaches in the UK cost less than in other countries. The same company reported that 92% and 94 % of companies have faced data breaches in Germany and France respectively. These cyberattacks cost the UK $3.88 million per breach according to IBM Security.

A number of national and international legal instruments were put in place enabling the United Kingdom to fight cybercrime. This includes but is not limited to: the Computer Misuse Act 1990, the Network and Information Systems Regulation 2018 (NISR), the Fraud Act (FA) 2006 and, The International Humanitarian law and cyber operation during armed conflicts.

Whether in Europe or not, the UK will remain in the scope of international laws and conventions. In 2018, the UK amended the General Data Protection Regulation (GDRP), a law that regulates how organizations protect personal data for people residing in the EU. In the post-Brexit period, the UK will no longer be regulated domestically by the GDRP. However, the UK has incorporated EU regulations into domestic laws. The UK-GDRP took effect on the exit date. This comes with a new version of the Data Protection Act(DPA).

The National Cybersecurity Center (NSCS), an independent authority on cybersecurity was launched in 2016. This reveals the importance of cybersecurity to the UK government even before Brexit. On the other hand, the UK has developed a strategic approach to cybersecurity. A five-year plan where the UK will invest Euros 1.2 billion to defend its system and infrastructures. Under three main objectives: Defend, Deter, and Develop, cyber skills should reach to every profession. The UK has planned to invest in technologies like Trusted Platform Modules (TPM) and emerging industry standards such as Fast Identity Online (FIDO). These technologies would use the machine and other devices in the user’s possession to authenticate instead of relying on password for user authentication.

The government vision for 2021 is that “the UK is secure and resilient to cyber threats, prosperous and confident in the digital world”. It took the cybersecurity topic very seriously. According to the 2016-2021 National Cyber security strategy, the UK will develop new relationships with new partners, including the EU, NATO, and the UN. Ciaran Martin, head of the UK National Security Center said that the Cabinet gave them clear instructions to cooperate unconditionally on European Security. Thus, Brexit would be an opportunity for the UK to reconsider cybersecurity ambitions and explore a new way to deal with the issue. “Working internationally is a must to ensure security and prosperity in cyberspace” avowed UK Prime Minister Boris Johnson.

Post-Brexit cyber security would be described as “ uncertain” as this will depend on EU/UK negotiations according to the Information Commissioner’s Office report. This would have impacts on businesses, telecoms, and citizens. The Brexit-transition period is important as it is considered an opportunity for both the UK and EU to set up a deal. With Brexit, the UK loses its full membership in agencies like Europol and this would reduce its ability to defend cross-border cyber-attacks. In Europe but not in the EU, the UK won’t be obliged to comply to the EU’s Charter for Fundamental Rights, which includes the protection of personal data under Article 8 of the Charter. This means UK citizens’ security will be at risk.

As the UK government pointed out, personal data will be able to flow freely (subjected to the GDRP) between EEA/UK during the transition period. Sending data from UK organizations to EU/EEA will remain legal. However, starting January 1, 2021, UK organizations (considered operating in a third country), including UK-digital service providers, have to appoint EU-based representatives according to Article 27 of the GDRP. And these organizations have to comply with local NIS rules in that EU member state. NIS applies to 2 groups of organizations: operators of essential services (OES) and relevant digital service providers (RDSPs). However, if you have fewer than 50 staff and a balance sheet less than Euros 10 million, NIS does not apply to you. Despite your organization size, don’t forget the GDRP. An organization operating inside the UK should comply with UK data protection law. While it could be asked to comply with additional safeguards put in place by its EU partners.

But what will happen after the transition period? Brexit is a double-edged sword. Post-Brexit would be an opportunity for the United Kingdom to position itself as an international leader for fighting cyber-crimes. UK startups have their hands full when it comes to cyber-crimes. For example, Red Sift, a data analysis platform founded in the UK in 2015, has a purpose-built for the challenges of cyber security. With the ONINBOX tool, for example, you can detect danger signs in the emails coming to your inbox. This tool will flag 3 risk indicators: Authentication, Content, and Trust. Another tool developed by Red Sift is ONDMARC, which will give you insights on what’s happening across your domains.

Around 180.000 telecoms professionals are working in the UK. For sure, Brexit will have an impact on mobile roaming and cross border trade of telecommunications service according to Deloitte. In 2015, charges for roaming within the EU countries were banned. After Brexit, Roaming would become a commercial service. With no-deal Brexit, it is uncertain how much EU mobile operators would charge UK operators to provide roaming services. Thus, costs would increase dramatically.

Interested to learn about Cybersecurity? Dozen of conferences to be held in the UK would be your perfect destination.

Tags: Cybersecurity Technology UK

Monty Capital Achieves Key Regulatory Milestone with the Acquisition of DFSA Category 4 License in Dubai

Surge in International Demand Spurs GITEX GLOBAL, Expand North Star to Take Over the City of Dubai at Two Mega Venues

Web3 Gaming Takes Center Stage in the UAE at Future Blockchain Summit

Future Blockchain Summit Announces the 1inch Network as its 2023 Headline Sponsor

IoT Tech Expo Europe: Agenda Delivers Beyond Expectations

Enea, Zain KSA to Test New Network Security Solutions

It’s 2017 All Over Again, as FCC Debates Net Neutrality

Marine Cable Project, 2Africa, May Go Live in 2024

US Allocates $42 billion for Universal Access to High-Speed Broadband by 2030

Ericsson to Uplift India’s 5G

Turkey Integrates AI to Monitor Space Activity

KSA Boasts Biggest AI Investment in the Middle East

Meta Facilitates the Death of Palestinians Using Lavendar

Apple Acquires Datakalab Startup to Boost AI Efforts, Data Privacy

AI Wants to Be Your New Guide in Malta

MyMonty: The New Era of Banking

Entering the Monty Multiverse at Seamless 2023

Seamless Dubai 2023 - From Concept to Reality: Shaffra Technologies Opens Doors to Metaverse Mastery

Take A Look in the Mirror. The Greatest Technology of All Will Stare Back at You

Monty Mobile Enters Multibillion-Dollar MNO Equipment Industry

Kids Are Happier with Minimal Phone Usage, Survey

The Modern Workplace: Why Employees' Experience Needs a Digital Upgrade

For Some Endangered Species, this may be Technology’s Finest Hour

MCR Hotels Bought London’s BT Tower

Super Bowl LVIII’s Biggest Loser was Tesla

UK Cybersecurity - challenges faced in the pursuit of development post-Brexit