Policy paper

DCMS cyber security newsletter - August 2022

Published 28 September 2022

1. Director’s message

According to this year’s Cyber Security Breaches Survey, around four in ten businesses and three in ten charities reported having a cyber security breach or attack in the last 12 months.

These numbers may seem high, but the vast majority of these incidents were simple, low-skill attacks such as phishing emails. That is why schemes such as Cyber Essentials are so important in driving up security standards across the country. You might want to consider joining the 100,000 other companies who have now been awarded a Cyber Essentials certificate.

As the threats we face continue to evolve we must ensure that the protection we put in place does the same. We are currently asking for organisations to share their views on Cyber Essentials and how it can be improved. Please take the time to take part yourselves and share the link with your networks.

Elsewhere I was happy to see the first in-person cohort of Cyber Runway last month, with seventeen start-ups and entrepreneurs getting together to learn, meet investors and build connections with each other. Our sector is built on partnerships and while digital meetings have their place, nothing can beat getting people together in a room to discuss ideas, debate and share their knowledge.

Finally, I really want to highlight an exciting new scheme: the Empowering Women to Lead in Cyber Security programme. The programme aims to develop a collaborative and powerful community of emerging female leaders in cyber security roles across the UK. Applications are now open for Northern England, Wales, Northern Ireland and London & Southern England cohorts until 26 August, with applications for Scotland open until 12 August.

Erika Lewis

Director, Cyber Security and Digital Identity

2. Cyber Runway: Launch boosts 17 cyber companies and entrepreneurs

In June 17 cyber start-ups and entrepreneurs took part in the first ever in-person cohort of Cyber Runway: Launch, the DCMS-funded bootcamp for cyber companies and individuals at the beginning of their business journey.

Delivered by Plexal and the Centre for Secure Information Technologies the week-long programme provided the participants with workshops on how to pitch their business or idea to potential partners and investors; ideas on how to write a start-up strategy and introductions to investors and mentors. The cohort also heard from other successful founders and learnt about the importance of diversity and inclusion in growing a business.

3. Cyber Essentials’ 100,000th certificate awarded

Cyber Essentials, the government-backed scheme which helps organisations guard against the most common cyber attacks and demonstrate their commitment to cyber security, has awarded its 100,000th certificate. 

Launched in 2014, Cyber Essentials gives organisations the peace of mind that they have defences against the most common cyber attacks which exploit common vulnerabilities. As these attacks evolve so does the Cyber Essentials certification scheme. Last year alone saw an unprecedented 37% increase in organisations taking part in the scheme.

Find out how Cyber Essentials could help your organisation meet minimum recommended cyber security requirements by visiting the Cyber Essentials website.

4. Cyber Essentials: share your views

DCMS is looking for organisations to share their views on the Government-backed assurance schemes: Cyber Essentials and Cyber Essentials Plus.

These schemes play an important role in driving minimum standards and increasing cyber resilience across the country. To help improve their impact it is important to understand how organisations engage with Cyber Essentials to improve their cyber resilience and the extent to which it is used as a tool to manage third party cyber security risk.

DCMS are therefore encouraging organisations to take a few minutes to fill out this short questionnaire as we look to raise awareness, ensure accessibility and increase appropriate market driven demand for Cyber Essentials across the economy.

5. £15,000 funding available for Digital Security by Design: Technology Access Programme

Tech accelerator Digital Catapult is looking for companies to take part in the next cohort of their Digital Security by Design: Technology Access Programme, which comes with £15,000 in funding.

Delivered by Digital Catapult and funded by UK Research and Innovation, the Programme provides tech companies access to trial and experiment with Arm’s Morello system-on-a-chip and demonstrator board based on CHERI, a new instruction set architecture developed by the University of Cambridge. These technologies have been designed to eliminate most memory safety issues in C and C++, which lead to over 70% of software vulnerabilities.

For six months participating companies can use these technologies to uncover security vulnerabilities in their own systems before they become a problem, and provide findings that could influence the design of future computer systems.

 Applications are open until 8 September with onboarding beginning on 10 October. 

Digital Catapult will be hosting a webinar on 5 September at 11:30-12:30 on how to get involved with the Digital Security by Design Technology Access Programme, along with a Q&A session.

6. DCMS publishes research mapping cyber security initiatives for young people

DCMS has published new research detailing the range of cyber security learning initiatives available in the UK for young people aged 5-19.

To ensure there are the right people with the right skills to support the UK’s growing cyber sector it is clear that more young people need to be trained in cyber skills. To support this the government wants to ensure there are initiatives and educational opportunities for young people to engage with cyber security and inspire them to consider it as a potential career. 

However, there is currently no accurate picture of what programmes exist. This research begins to address this by mapping 72 non-government initiatives across the UK. The 26 initiatives interviewed for the research reached approximately 230,000 young people per year.

7. DCMS publishes Cyber Security Breaches Survey 2022 infographics

DCMS has published infographics to support its Cyber Security Breaches Survey 2022. The infographics highlight the key findings for cyber attacks, incident response and vulnerability management as well as businesses’ internal cyber activity, threat landscape and external engagement. Third parties are free to use the infographics for non-commercial use when referenced fully.

The Cyber Security Breaches Survey is an influential research study for UK cyber resilience that is aligned with the National Cyber Strategy. It is used to inform government policy on cyber security, making the UK cyber space a secure place to do business. The study explores the policies, processes, and approaches to cyber security for businesses, charities, and educational institutions. It also considers the different cyber attacks these organisations face, as well as how these organisations are impacted and respond.

8. Empowering Women to Lead in Cyber Security programme: applications open

Applications for the Northern England, Wales, Northern Ireland and London & Southern England cohorts of the Empowering Women to Lead in Cyber Security programme are now open until 26 August, with applications for Scotland open until 12 August. 

The programme aims to develop a collaborative and powerful community of emerging female leaders in cyber security roles across the UK. The programme offers a series of three-month intensive leadership courses, consisting of a combination of group workshops and one-to-one coaching for a cohort of 20 to 24 early-to-mid career cyber security professionals, selected via an open application process. 

To ensure accessibility for as wide a range of individuals and organisations as possible, all participant places are free of charge, with funding for the programme provided by its partners in government and the wider tech industry.