UK economic growth “on shaky ground” without cyber resilience

Entitled ‘Rebooting the UK’s Cyber Strategy’, the report highlights persistent weaknesses in Britain’s cyber posture and policy that cost the UK an estimated £14.7 billion annually and leave Critical National Infrastructure exposed to increasingly sophisticated threats.

High-profile incidents, such as the £1.9 billion cyber attack on Jaguar Land Rover, exemplify the growing financial and political risks facing the country.

RUSI research fellows Jamie MacColl and Joseph Jarnecki stress that, while the UK has “strong institutional foundations and internationally respected policy frameworks”, the current approach has not kept pace with the scale and impact of modern threats. The duo warn that voluntary guidance, fragmented accountability and weak enforcement leave organisations dangerously exposed.

As such, the report calls for a decisive shift towards treating cyber resilience as a core component of economic security.

The document urges the Government to reframe its strategy around economic urgency, embed risk into corporate governance with Board-level accountability, develop hybrid threat response models bridging cyber criminals and state actors, hold technology suppliers accountable for insecure products and enforce regulations through properly resourced regulators.

Existential crisis

Andy Ward, senior vice-president for international business at Absolute Security, commented: “Last year, the National Cyber Security Centre reported a 50% rise in highly significant attacks. That’s alongside our own research highlighting that almost one-fifth of organisations experienced operational disruptions that lasted as long as two weeks, with the majority facing downtime that lasted nearly five days when hit with a cyber attack.”

Ward went on to state: “Organisations that are not prepared to bounce back quickly face an almost existential crisis as prolonged downtime can literally crush a business. Cyber attacks are no longer a question of ‘If’, but ‘When’. Therefore, both Government and organisations must have a cyber resilience strategy in place that enables them to identify threats, manage disruption effectively and return to full service with minimal delay.”

Sawan Joshi, Group director of information security at the FDM Group, said: “According to the National Cyber Security Centre, the UK is now experiencing four ‘nationally significant’ cyber attacks every week. In this escalating threat landscape, it’s essential that both Government and the business community take appropriate action to withstand rising risks.”

Continuous training

Joshi added: “Building true cyber resilience means prioritising continuous training and sustained investment in developing young cyber talent. Technology is vital, but it’s the skills, readiness and adaptability of people that ultimately determine how effectively threats are mitigated and sensitive data is protected.”

Jamie MacColl observed: “Weak cyber security undermines UK growth and national security. Future economic growth without cyber resilience is built on shaky ground.”

MacColl and Jarnecki add that the National Cyber Action Plan presents a “golden opportunity” for reducing systemic harms, protecting the economy and strengthening national security, but only if security is treated as being more than just a technical afterthought.