Publication of the McPartland Review of Cyber Security and Economic Growth

The report, due to sensitivities around government publications during the 'pre-election period', has been made available on Stephen McPartland's LinkedIn and X (formerly Twitter). Consequently, the government will not be able to issue a formal response until after the General Election on the 4th July.  

The reports looks into the relationship between cyber security and economic factors such as productivity, competitiveness, innovation and global leadership. Stephen McPartland emphasises that a robust AI Strategy will not be possible without a clear strategy that incorporates cyber resilience and recovery into the economy.   

Through roundtables, the Call for Views and additional evidence, the report identifies key themes within the cyber ecosystem. One major theme is the critical importance of security and resilience within the UK's supply chain. Stephen McPartland advocates that a holistic approach to cyber security should be taken to ensure the significant gap in understanding of the impact of cyber security is understood by Board and Director level. Tailored support should also be given to small to medium-sized companies in areas such as education and skills.  

The report found better communication is needed on the return on investment in cyber security. It is vital that companies are given the support needed to address issues such as technical debt, vulnerabilities and basic cyber hygiene. Additionally, the cyber security workforce requires substantial investment. Stephen McPartland suggests that changing the narrative around cyber security will help to attract more talent to the sector.  

Addressing obstacles and barriers requires a two-pronged approach, the report suggests that using non-legislative levers will help to address the dynamic and complex nature of cyber threats. The government should do more to incentivise the adoption of cyber security practices through cyber insurance, governance, reporting and transparency.  

Recommendations 

The report presents 16 recommendations across four main themes: 

1. Investing in Cyber Security 

• Cyber Charter: Stephen McPartland calls for the creation of a Cyber Charter to enable large companies to share expertise and resources with third-party suppliers. 
• Guidance for Companies: Guidance should be published on Companies House and GOV.UK to help companies integrate cyber security standards. 
• Bank Requirements: Banks should mandate that all new small businesses have tangible and measurable security controls. 

2. Education, skills, training and good cyber hygiene  

• UK Cyber Security Council: The government should support the UK Cyber Security Council to become fully independent, industry-led, and self-funded. Stephen McPartland recommends that the public sector should become the first adopters of UKCSC Professional titles. 
• Skills Gap Review: A review should focus on the cyber security skills gap, emphasising diversity challenges and opportunities. 
• Awareness Programmes: Programmes like CyberFirst and the NCSC's Cyber toolkit should be leveraged to raise public awareness, including updates to the school computing curriculum. 

3. Cyber resilience and recovery 

• Ransomware Payments: Stephen McPartland suggests tightening rules on ransom payments and increasing incident reporting. 
• National Initiatives: Programmes like Cyber Griffin, offering free services from the City of London Police, should be expanded nationally. 
• Cyber Governance Code: The upcoming Cyber Governance Code of Practice should be an operational resilience requirement for businesses. Large organisations should also be required to disclose digital risk governance and resilience in their annual reports. 

4. Improving the UK's strategic advantage 

• Private Sector Solutions: A private sector-led product assessment solution should be developed with the NCSC and industry. 
• Green and Net-Zero Technology Security: Partnerships with universities should focus on securing green technologies essential for a net-zero economy. 
• Tougher Sanctions on Cyber Crime: The government should work with the Home Office to impose tougher sanctions on cyber criminals. 
• Showcasing Support: The government should help businesses showcase their products and services, especially in critical digital infrastructure, on both national and international stages, emphasizing the UK's commitment to 'secure by design'. 

What it means for cyber security. 

Initially, it was expected that the highly anticipated report would be delayed due to the upcoming General Election. However, Stephen McPartland chose to independently publish the paper on his own channels. With the government unable to respond, the true impact of the recommendations remains to be seen. 

In developing the report, Stephen McPartland engaged with a diverse array of businesses and stakeholders within the cyber sector, ensuring he gained a well-rounded perspective of the landscape. Insights from these consultations, as well as the preview he gave during an interview at CyberUK, highlighted Stephen McPartland’s commitment to producing tangible recommendations and emphasised the importance of collaboration between industry and government to drive forward economic growth in cyber security.  

The report addresses numerous concerns and barriers regularly highlighted by techUK in its discussions with government officials. It underscores the necessity of creating incentives that go beyond legislation to drive change, foster innovation, and support the growth of SMEs in the sector. 

As the new government takes office, it is crucial that they give these issues the attention they deserve. A prompt and committed response from the government is essential to sustain the momentum and support the ongoing expansion of the cyber security sector. 

Dan Patefield

Head of Cyber and National Security, techUK

×

Dan Patefield

Head of Cyber and National Security, techUK

Dan leads the techUK Cyber Security programme, having originally joined techUK in August 2017 as a Programme Manager working across the Cyber and Defence programmes. He is responsible for managing techUK's work across the cyber security eco-system, bringing industry together with key stakeholders across the public and private sectors. Dan also provides the industry secretariat for the Cyber Growth Partnership, the industry and Governmnet conduit for supporting growth across the sector. A key focus of his work is to strengthen the public-private partnership across cyber security to support further development of UK cyber security policy.

Before joining techUK he worked as Forum Lead for the Westminster eForum. In this role he had a focus on the technology and telecoms space, on issues ranging from Broadband and Mobile Infrastructure, the Internet of Things, Cyber Security, Data and diversity in tech. Dan has a BA in History from the University of Liverpool.

Email:

[email protected]

Phone:

020 7331 2165

Jill Broom

Programme Manager, Cyber Security, techUK

×

Jill Broom

Programme Manager, Cyber Security, techUK

Jill is techUK’s Programme Manager for Cyber Security, working across the cyber eco-system to bring industry together with key stakeholders across the public and private sectors.

Prior to focusing in on techUK's cyber security work, Jill was also part of techUK's Central Government programme team, representing the supplier community of technology products and services to Whitehall departments. 

Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.

Email:

[email protected]

Twitter:

@honeybroom

Website:

www.techuk.org

LinkedIn:

https://www.linkedin.com/in/jill-broom-19aa824

Annie Collings

Programme Manager, Cyber Security and Central Government, techUK

×

Annie Collings

Programme Manager, Cyber Security and Central Government, techUK

Annie joined techUK as the Programme Manager for Cyber Security and Central Government in September 2023.

Prior to joining techUK, Annie worked as an Account Manager at PLMR Healthcomms, a specialist healthcare agency providing public affairs support to a wide range of medical technology clients. Annie also spent time as an Intern in an MPs constituency office and as an Intern at the Association of Independent Professionals and the Self-Employed. 

Annie graduated from Nottingham Trent University, where she was an active member of the lacrosse society. 

Email:

[email protected]

Twitter:

anniecollings24

LinkedIn:

https://www.linkedin.com/in/annie-collings-270150158/

Raya Tsolova

Programme Manager, techUK

×

Raya Tsolova

Programme Manager, techUK

Raya Tsolova is a Programme Manager at techUK. 

Prior to joining techUK, Raya worked in Business Development for an expert network firm within the institutional investment space. Before this Raya spent a year in industry working for a tech start-up in London as part of their Growth team which included the formation and development of a 'Let's Talk Tech' podcast and involvement in London Tech Week. 

Raya has a degree in Politics and International Relations (Bsc Hons) from the University of Bath where she focused primarily on national security and counter-terrorism policies, centreing research on female-led terrorism and specific approaches to justice there. 

Outside of work, Raya's interests include baking, spin classes and true-crime Netflix shows! 

Email:

[email protected]

Phone:

07712630603

Tracy Modha

Team Assistant - Markets, techUK

×

Tracy Modha

Team Assistant - Markets, techUK

Tracy supports several areas at techUK, including Cyber Exchange, Cyber Security, Defence, Health and Social Care, Local Public Services, Nations and Regions and National Security.

Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!

Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!

Email:

[email protected]

Phone:

02073312000

Twitter:

@TracyModha

Website:

www.techuk.org

LinkedIn:

https://www.linkedin.com/in/tracymodha83