I believe that the most important 21st century infrastructure project for the UK will be the development of world-class cyber-security.
So much of our national infrastructure is being digitalised that it is easy to lose track.
My sector, the energy industry, is in a massive state of change. The emerging “smart grid” scenario comprises connected renewable generation, storage, metering, and demand response. This deep level of decentralised control will yield enormous benefits for cost and sustainability. However, these will come at the price of potential vulnerability to cyber-criminals and attack from state/non-state actors. A hijack of our energy infrastructure would have catastrophic consequences for our economy, security, and general way of life.
This is not just a problem for the energy sector. Digitisation is sweeping through our industries at breakneck pace. The automation of vehicles, the proliferation of digitally connected appliances in the home and industry (the “Internet of Things”), digitisation of medical records, and even the cultivation of food in “vertical farms” means every aspect of life will be affected.
Improving the resilience of these assets must be of paramount importance. However, the rise of high-profile hacks of data and growing incidences of “ransomware” attacks show this is not translating into action.
Increasing cybersecurity literacy for all ages must be a priority for the government. Many people still use easily-hackable passwords and can be fooled by a simple phishing attack. Education must start at school and continue in the workplace, even at board level.
The 2017 ransomware attack on the NHS shows how crippling cybercrime can be for our institutions. The attack exploited a vulnerability which would not have been an issue if the IT infrastructure had been the latest available. Budget cuts at the NHS Trusts meant that they had de-prioritised IT upgrades and exposed themselves to cyber-risk.
The UK Government must make it clear to leadership at all critical organisations that IT security has to be priority #1 for all spending, with ring-fenced budgets. HM Government should set up a unit of “white hat” hackers that is responsible for penetration testing the Police, NHS, and other assets of national importance on a constant basis.
Our economic advantage as a nation arguably rests on our ability to innovate. Therefore it is also critical to help the private sector to protect itself against industrial espionage, which is often sponsored by nations with low respect for Intellectual Property rights.
The physical communications network underpinning the internet also needs to be protected. The vulnerability of our undersea cable connections to other countries to attack by hostile actors needs to be addressed, and the UK needs to have a strong presence in the Space sector to remain at the leading edge of innovations.
Developing the world’s best cybersecurity infrastructure will put the UK in pole position to capitalise on the opportunities of digitalisation while protecting itself against future threats. All other infrastructure will need to build on this platform, which is why I regard it as the most important.