The cyber threat landscape becomes more complex with every passing day and, as malicious actors explore new means of attack, the need to secure our digital future is more compelling than ever. From protecting businesses against sophisticated attacks, to securing critically important national infrastructure, cybersecurity has become an indispensable pillar of modern society. ISACA is at the forefront in this mission, actively working with many public and private organizations to help shape policies that ensure digital trust and security across the UK.
In light of the UK’s recent general election, which produced a change of Government and unprecedented turnover in Parliament, now is an important moment to reflect on the challenge facing policymakers and think about the digital environment we want to cultivate, and the practical steps that need to be taken today to realise this in the longer term.
To crystallise our policy ambitions for the new Parliament, we have published “ISACA’s UK Vision Paper 2024: A manifesto for bridging the UK’s digital skills gap and improving cyber resilience”. The paper outlines a clear strategy and policy recommendations to address three of the most important challenges facing the new Government: closing the growing digital skills gap, securing critical national infrastructure (CNI), and strengthening organisational cybersecurity governance across the UK economy.
The most urgent of these issues is the UK’s continually-widening digital skills gap. Failing to address this growing divide threatens the UK’s economic potential and readiness against cyber threats. ISACA's Vision Paper highlights the need for closer ties between government and industry to tackle shortages, as exemplified by the CyberFirst program. So far, the program has given over 260,000 students cybersecurity-related educations, but – by the Government’s own admission - more needs to be done in partnership with industry and academia to build a larger, steadier pipeline of talent, particularly into critical emerging sectors like AI and quantum computing.
The consequences of a major cyber-attack on critical national infrastructure, such as the NHS, could be catastrophic. This is not a form a distant, speculative scenario - recent events, like the ransomware attack on Synnovis, which disrupted hospitals across London, highlight the vulnerabilities we must urgently address. ISACA’s Vision Paper outlines how we believe policymakers must reconceptualise the scope of existing cybersecurity regulations to encompass more ‘critical third parties’, recognizing the increasingly interconnected and complex supply chains national infrastructure operate in.
The recent steps undertaken by DSIT over the last years to refresh and modernise the Government’s enterprise cyber security guidance, such as the drafting of a Cyber Governance Code of Practice, a code for software developers and vendors and an AI security code, shall find immediate recognition and application by as many enterprises as possible. As the ISACA’s paper highlights, there is much to do to change corporate cultures around cyber security, particularly at board level, where – as the McPartland’s recent review highlighted – it is often regarded as technical and an additional cost. However, promoting and driving implementation of DSIT’s new guidance codes as a gold standard for enterprise security, will be a major step forward.
Collaboration is essential to achieving this vision. By working closely with the UK government, industry leaders, and professionals, ISACA ensures that the policies we champion are not only effective but also practical and scalable. Cybersecurity is not just a technical issue—it is a societal one. The future of our economy, safety, and way of life depends on our ability to build and maintain trust in the digital world. ISACA's vision papers outline a clear, actionable path to that secure future.
More information about ISACA’s advocacy work is available at https://www.isaca.org/about-us/advocacy. The "ISACA Vision Paper 2024" is available for download here.