Skip to content

UK Government publishes National Cyber Strategy for 2022

On 15 December 2021, the UK Government published its new National Cyber Strategy for 2022 based around the following five strategic pillars, representing the goals that the government intends to achieve by 2025, as first set out in its Integrated Review of Security, Defence, Development and Foreign Policy last year:
  • strengthening the UK cyber ecosystem, investing in people and skills, growing a competitive cyber and info sec sector and deepening the partnership between government, academia and industry;
  • building a resilient and prosperous digital UK, reducing cyber risks (through improved understanding, management, resilience) so businesses can maximise the economic benefits of digital technology and citizens are more secure online and confident that their data is protected; 
  • taking the lead in the technologies vital to cyber power, building industrial capability and developing frameworks to secure future technologies; 
  • advancing UK global leadership and influence for a more secure, prosperous and open international order, working with government and industry partners and sharing the expertise that underpins UK cyber power (promoting free, open, peaceful, secure cyberspace); and
  • detecting, disrupting and deterring our adversaries to enhance UK security in and through cyberspace, making more integrated, creative and routine use of the UK’s full spectrum of levels (including sharing information on malicious cyber actors). 
Specific outcomes under the five strategic pillars and associated objectives are detailed, generally with the aim of achieving the same by 2025. Reference is made to the interaction of the Strategy outcomes with other strategies (e.g. National Data Strategy), and the implementation and development of legislation (e.g. the National Security and Investment Act 2021, the Network and Information Systems Regulations, the Product Security and Telecommunications Infrastructure Bill). The Government identifies the Cyber Security Regulation and Incentives Review as the publication in which it will provide detail on action the Government will take to improve business resilience and cyber security across UK businesses.
The strategy envisages the mobilisation of a ‘whole-of-society effort’, with further engagement of the devolved governments and stakeholders outside government and the establishment of a new National Cyber Advisory Board of private and third sector leaders, and further development of the recently established National Cyber Force.