Projects

Reshaping the Future of UK Cyber Strategy

This project aims to develop recommendations to inform the development of the next UK National Cyber Strategy.

Summit Art Creations / Adobe Stock

The UK's ability to defend itself against cyber threats is increasingly coming into question. In its 2024 Annual Review, the UK National Cyber Security Centre assessed that 'our collective ability to defend against cyberattacks – and to be resilient enough to remain operational when attacks do get through – has not kept up with the threat'.

With the UK’s current National Cyber Strategy set to end in 2025 and growing doubts about the UK’s approach, RUSI’s research seeks to inform the development of the next iteration of the UK cyber strategy. The project will make the case for an ambitious new approach to UK cyber strategy that focuses on rebalancing responsibility for cyber security and how the UK government can be more interventionist in correcting cyber security market failures.

Summit Art Creations / Adobe Stock

Project sposnor

This projected is sponsored by Palo Alto Networks

Project team

Jamie MacColl

Senior Research Fellow

Cyber and Tech

View profile

Joseph Jarnecki

Research Fellow

Cyber and Tech

View profile

Aims and objectives

The project aims to advance debate on the next UK National Cyber Strategy by identifying key challenges and potential solutions. We will focus on key thematic areas that reflect the UK Government’s policy priorities (e.g. economic growth) and broader international debates on cyber policy.

The thematic areas are:

  • An assessment of the foundational assumptions about the UK’s national cyber resilience
  • Where responsibility for cyber security lies in the UK and addressing cyber security market failures
  • Whether to view cyber security as an enabler of economic growth and how the UK can navigate the potential tension between security and growth.

To explore these themes, the project will focus on the following research questions:

  • Who has responsibility for the cyber security of our critical technologies and systems?
  • How is responsibility for cyber security organised and enforced? Which stakeholders lose out most by this approach? And how are they harmed?
  • Considering emerging international approaches, can the UK rethink responsibility for cyber security to improve fairness and national outcomes?
  • What trade-offs will the proposed changes face? How can we better advocate for cyber security as an enabler of economic growth?
  • How can the UK influence global technology and cyber security vendors given its limited market power?
  • How should the UK frame its approach to cyber strategy to international audiences?

Related project

Projects
Future UK Cyber Security Strategy

This project examines future options for the UK government as it formulates a new Cyber Security Strategy post-2021.

View onlinechevron-right

Latest publications

View all publications

    Stay up to date with RUSI