TESTIMONIALS

โ€œReceived the latest edition of Professional Security Magazine, once again a very enjoyable magazine to read, interesting content keeps me reading from front to back. Keep up the good work on such an informative magazine.โ€

Graham Penn
ALL TESTIMONIALS
FIND A BUSINESS

Would you like your business to be added to this list?

ADD LISTING
FEATURED COMPANY
Government

UK Resilience Action Plan

by Mark Rowe

UK Government’s Cabinet Office has brought out a Resilience Action Plan.

In a foreword to the 50-page document, Pat McFadden, Chancellor of the Duchy of Lancaster, points to the covid pandemic. He described the plan as bringing together policies and programmes, ‘across government, that strengthen our foundations and help us identify, and mitigate the risks the UK faces’. He said: “The pandemic reinforced just how important it is that we take resilience seriously and better coordinate our preparations across society. It is impossible to prepare for every risk, but it is in our gift to close many of the gaps in our vulnerabilities and work together to make the UK a more resilient, more secure country.”

He called resilience a shared responsibility between individuals, communities, businesses, local, devolved and national government, and public services. He said: “If you run a business, it might mean upgrading your cyber defences. For an employee in local government, it could involve planning for a wider range of adverse weather events. And for the average person, it may involve looking out for vulnerable neighbours and stocking up on some basics like bottled water and a torch.”

He summed up: “In these uncertain times, no government can stop every risk from materialising. But, if we can foster a culture where resilience is part of our daily lives, the UK will be better prepared for the challenges of the future.”

Context, definition

The document, echoing McFadden, proposes a ‘whole of society approach’. It begins with the context of geopolitical uncertainty; as recently detailed in the UK Government’s National Security Strategy. A UK government review of resilience arose out of the pandemic; and the Grenfell Tower fire of 2017. Resilience is defined as ‘the ability to anticipate, assess, prevent, mitigate, respond to, and recover from natural hazards, deliberate attacks, geopolitical instability, disease outbreaks, and other disruptive events, civil emergencies or threats to our way of life’. The document covers three ‘objectives’: to assess risks to the UK and how resilient the UK is to them; to ‘enable the whole of society to take action to increase their resilience’; and strengthen the ‘public sector resilience system’.

Assessment

As for assessment, the plan admits that the UK has no common methodology for measuring overall national resilience. It’s for the recently relaunched at Easingwold UK Resilience Academy to work out. To be developed also is a ‘Cyber Resilience Index’ (CRI), about ‘the specific concern of Critical National Infrastructure (CNI) being vulnerable to cyber attack’ – CNI including telecoms, data infrastructure, transport and utilities. As for the cyber threat picture, the document describes it the cyber threat in the UK as ‘increasing, with cyber actorsโ€™ capabilities becoming increasingly wide-ranging and sophisticated’. The cyber resilience of our CNI is not keeping pace with this evolving threat, the plan admits. Also to be developed is a ‘CNI Knowledge Base’, a UK Government tool, an interactive map of all CNI in the UK.

Private sector

As for the private sector, the document suggests resilience is a topic that boards should be discussing frequently. Also promised is a ‘Supply Chain Centre’, ‘which will work with businesses and our international allies to diagnose acute vulnerabilities and threats, develop policy and targeted interventions to improve our ability to withstand future disruptions’; and an ‘Economic Security Advisory Service’. The most critical third party suppliers to the financial sector, such as cloud computing and data storage, will be brought under the oversight of the financial regulators.

Exercising

As for exercising, the national exercise for 2025 will be on pandemic preparedness. You can read the plan at the Cabinet Office website: https://www.gov.uk/government/publications/uk-government-resilience-action-plan.

Economic security

The Business and Trade Sub-Committee on Economic Security, Arms and Export Controls (BTC) questioned Douglas Alexander, Minister of State for Trade Policy and Economic Security at Department of Business and Trade; and Cabinet Office minister Pat McFadden on July 9, in the final evidence hearing in the BTC sub-Committee’s inquiry on economic security. Liam Byrne MP, Chair of the Committee, said beforehand: โ€œThis inquiry has laid bare a harsh truth: the safety and security of our economy which pays for the defence of the realm now faces new threats with defences that are out of date. Just as we plan to modernise our armed forces, so we must modernise the defence of the economy that pays for them and supplies them.

โ€œFrom hostile ownership of critical infrastructure to simultaneous cyber-attacks on major firms, we are exposedโ€”and we are underprepared. The Huawei case shows what happens when governments are caught on the back foot: billions in sunk costs, years added to rollout, and growth delayed. That cannot become the norm. So as we chase foreign investment to revive growth, the question now is not just how much, but from whomโ€”and at what price to our sovereignty and security.”โ€ฏ

MPs point to the example of the Chinese firm Huawei; in the rollout of 5G across the UK, the Government mandated a phased removal of Huawei equipment already in the nascent 5G network, plus a ban on installing new Huawei equipment. The expected ยฃ2 billion costs of the removal will be fully borne by the telecoms industry and are expected to add two to three years to the roll-out of 5G telecoms, MPs report.

Defence Committee

Meanwhile the Defence Committee of MPs has called for the appointment of a dedicated minister for homeland security; and called on the Ministry of Defence to engage with the rest of government, with industry and with wider society to improve resilience and strengthen UK defences at home. For its 38-page report, Defence in the grey zone, visit parliament.uk.

Related News