Below is the text of the speech made by David Lidington, the Chancellor of the Duchy of Lancaster, at the London Stock Exchange on 24 October 2018.
Well thank you very much indeed for the invitation to open trading today and to mark this, the first, the inaugural, and I’m sure by no means the only or the last, London Stock Exchange Group’s cyber security conference.
We’ve got every reason in this country to be proud of the United Kingdom’s position at the front of the global digital revolution – driving our prosperity and enhancing our national security. We have seen a rise in the number of new cyber technology companies, right across the UK, who are helping to keep some of our biggest enterprises secure.
But of course, with that opportunity comes risk. We’ve also seen a significant increase in malicious cyber activity globally – both from hostile nation states and from cyber criminals. And only last week The National Cyber Security Centre reported that it is defending the United Kingdom from around 10 significant cyber attacks every week.
And that’s why cyber security remains a top priority for the government and why, two years ago, we launched the National Cyber Security Strategy.
At the very heart of the government’s response was the creation of the National Cyber Security Centre, bringing together the best intelligence and expertise. Right here in the City, the NCSC’s valuable partnership with the Bank of England and its suppliers is helping to build cyber security into the heart of a number of next generation systems. And I am delighted to announce this morning, that Faster Payments – now called Pay.UK – will be the latest scheme to benefit from this collaboration. It will ensure that every payment processed in the United Kingdom is done so safely and securely.
The financial sector has, for a long time, recognised the cyber risk posed by criminals and by states, and I know that financial companies routinely considers cyber security as part of an overall approach to business risk.
In fact, we in government have taken best practice from the financial sector. We’ve launched the GBEST scheme, for government, based upon the sector’s CBEST model. And this will improve government systems to identify and to act against sophisticated and persistent cyber attacks.
And I think the finance sector in the UK should be commended for the initiatives they have taken and the standards they have set.
But the government’s latest Cyber Security Breaches survey showed a significant proportion of companies overall in our economy are still not adopting the basic cyber security precautions that are needed. More than two in five businesses identified breaches in the last twelve months. Despite that, two thirds of FTSE 350 boards say that they have had no training in how to deal with a cyber incident.
There is still a lot more to do – and our ability to build the necessary resilience in the face of these challenges, relies on the strength of our collective action and expertise.
Now last week, I really enjoyed being at UK Finance, and it gave me great pleasure to give the government’s full backing to a new initiative to further cement the growing partnership between industry and the public sector. Early next year, we will establish the Finance Sector Cyber Collaboration Centre. This will build on existing industry expertise and exploit the NCSC’s Industry 100 scheme, it will be led by UK Finance in alliance with 20 financial institutions.
As government, we recognise that cyber security is everyone’s responsibility. We must learn from – and support – one another. For example…
…By taking part in our annual FTSE 350 Cyber Governance Health check – which is now open – you can benchmark the cyber security of your organisation against your peers and understand where you can improve your resilience to cyber attacks.
And I believe our efforts are bearing fruit. The UK’s cyber security industry is making an enormous contribution and is generating more than £5 billion to our economy.
It benefits from strong support from government, including specialist expertise and world leading academic institutions which are providing much needed access to funding, targeted support and also testing facilities. There has never been a better time to invest in our high-quality and home-grown cyber security start-ups and emerging businesses – there are now more than 800 of those across the UK.
Those businesses, supported by the government’s Industrial Strategy, provide world leading products and services to buyers right across the world – injecting innovation into our economy to build a UK fit for the future.
We consider it vital that all organisations should embrace and embed cyber security, from the boardroom down. This isn’t only about minimising operational, financial and reputational risk. Building resilience amongst employees and customers can also be a catalyst for far greater change.
That’s why I will be meeting a number of FTSE 350 Chairman to discuss how the government’s new Board Toolkit will help you better understand cyber risks and also to seek the ideas of business leaders on how to make our nation more resilient.
So, to look ahead to the challenges and opportunities of the future, I look forward to continuing to work together with you in the financial sector, and business more widely, to protect both our national security and our joint economic prosperity.