Securing Cyberspace: Minister Doughty speech
Minister Doughty outlined the UK’s commitment to responsible behaviour in cyberspace in a keynote speech at RUSI’s Securing Cyberspace Conference.
Thank you very much for traveling from near and far.
It’s a real pleasure. We’ve got so many leading lights in government, industry, law enforcement, academia and civil society here in one room.
And I’m very grateful to RUSI for bringing this together as they so often do.
This is a very welcome opportunity to reflect on an important mission for the new government that I’m proud to serve in, and that is, of course, enhancing cyber security and promoting responsible behaviour in cyberspace.
You in this room are all of our vital and valid partners in this.
And everyone here today has a role to play in shaping the future agenda, bringing diverse perspectives, specialist knowledge and deep expertise.
So thank you once again.
And I really hope that this conference, which we’ve been proud to support, helps you forge fresh connections and find new ways to collaborate.
And we cannot meet at a more pivotal moment in world history - a moment of the most extraordinary change, of risk, and of opportunity.
Because from our banks to our electricity grid, from our defence to our hospitals, the online cyber world underpins every aspect of our society.
And with every day that passes, we of course, rely on it more for our prosperity and our security.
But you hardly need to be told that this brave new world has a dark side -and the years to come will see us walking dangerous and difficult complex paths.
And I just reflect in my own life, I got my first email address when I was only 15 or 16 years old.
I went to an international school in Canada. It was quite a big chance to connect with some of my classmates from across the world, but my parents were still not used to the system. They were printing out my emails when I sent them home, kept them all in a folder as a physical copy and presented them to me.
But today, of course, we’re in that world shaped by Al and quantum, by ever evolving threats and opportunities.
And of course, we know that state actors, criminals and others who want to harm us are fighting hard for their share of this space which knows no borders.
Those are the threats, but we also have huge opportunities and the question, of course, for all of us is how we embrace the opportunities that cyber brings in every aspect whilst addressing those key challenges.
And so I’m grateful for the chance to share some perspectives with you today.
I wanted to start by saying that since taking office in July, growth and security have been among the government’s very top priorities and they will remain that way.
In a world where we all live and work online, investing in cyber security and promoting responsible behaviour is an essential part of this mission, because fundamentally, and you will all know this, there is no national security, no economic security without cyber security.
We cannot fulfil our growth Mission as a government without cyber resilient businesses and supply chains, a Cyber aware workforce and society.
And of course, all of those underpinned by strong technical and skills expertise in the cyber sector.
This is true for all of us, investing in that security and promoting responsible behaviour has to be a collective endeavour.
I wanted to highlight today and reflect on three key themes that will guide our approach as a new government.
The first of those is that partnerships are vital for success.
When Alan Turing and the codebreakers in Bletchley Park – I have visited and I’m sure many of the you in this room have – they, of course, cracked that Enigma Cipher during the Second World War, sharing those insights with our allies saved countless lives and hastened the end of the war.
But of course, today, the world faces a whole new set of threats.
Spyware, ransomware, espionage, information manipulation and other forms of interference are causing untold losses and distress to our security and to our economic security.
The World Economic Forum estimates that the global cost of cybercrime will reach 24 trillion US dollars by 2027, that’s up from an almost eyewatering 8 trillion in 2022.
In the online world, the stakes are higher than ever, and the gloves are well and truly off.
So it’s only through solid, respectful, mutual, beneficial partnerships that we can fight back, overcome the challenges we face, and make the most of important opportunities for all our people.
It’s a pleasure to see friends from across the diplomatic audience today as well, ready to solve these problems working together with partners and allies across the world.
That’s why, from Day One, this new Government has focused on connecting Britain and strengthening relationships with countries around the world, from the Euro-Atlantic to the Global South.
That means enhancing our relationships with the EU and our European friends to forge closer cooperation spanning the whole range of issues, including military, economic and cyber, our unshakeable commitment to NATO, the bedrock of our defence.
And here I will point out that the UK is playing a leading role in work to deter and respond to cyber threats.
And later this year, we will of course host the NATO Cyber Defence conference to galvanize those efforts.
We’re also collaborating with many individual countries and partners, for example, in the Western Balkans, a region I’m privileged to know well from many visits.
Indeed, in Opposition, I met with young cyber experts in Pristina and discussed their careers, their prospects, and how we can work together as partners.
We’re, of course, working together with governments right across the world to bolster defence and counteract threats.
And just last month, I was in Moldova where I discussed these issues and partnerships at the Ministry of Defence in Chișinău.
And turning to the wider world, particularly our important partnerships in the Global South, our work with Interpol in Africa, across the Indo-Pacific and indeed, Latin America, tackling cybercrime, building closer cross-border partnerships.
In Africa, this partnership has helped to smash 20,000 criminal networks and seize illegal funds worth more than 40 million US dollars.
Last year, Interpol coordination with cybercrime units in Nigeria, Benin, Cote d’Ivoire saw 300 suspects arrested, 3 million US dollars’ worth of assets ceased and multiple criminal networks dismantled.
In the months and years ahead, the UK will continue to play our role at Interpol, an organisation which of course is at the sharp end of the increasingly borderless world of global crime.
Secondly, I want to talk about responsible cyber behaviour.
In all of our collaborations around the world, we remain committed to the United Nations Framework for Responsible State Behaviour in the use of Information Communication Technologies, but will be guided by our principles when it comes to ensuring safe and responsible use of cyber capabilities.
That’s the second important theme of our work overall, and the topic I know you’ll be discussing in detail at this conference, thanks again to RUSI for putting together such a strong and relevant agenda.
But for now, I will simply say that for the UK, this is about staying at the forefront of science and technology so we can understand threats and respond appropriately, and helping others do the same.
For example, supporting cyber security nonprofit organisations like Shadowserver to share threat data.
It’s also about transparency, which is so vital to facilitate cooperation, build trust and reduce the possibility of misinterpretation and escalation.
It’s also about inclusion, for example, by bringing stakeholders, including many of you in this room with all their expertise into that global cyber security discussion. A topic I will return to shortly.
But it’s also importantly about promoting accountability, because while we here in this room are united in our support for responsible behaviour, we know that not everybody plays by those rules.
Sometimes we will need to take firm action, and the UK will continue our important work with partners to hold criminals and others to account.
International cooperation is central, as demonstrated in August, when, after significant efforts by many of those in this room, here today, UN member states finalized a new draft Cybercrime Convention.
Many of us, of course, have the tools to take domestic action in this area too.
Just last week, on 1 October, alongside the United States and Australia, this country sanctioned 16 members of the Russian cybercrime gang, Evil Corp.
This group, which truly lives up to its name, has waged a campaign of destructive attacks worldwide for over a decade.
They include malware and ransomware attacks against UK health, government and public sector institutions as well as commercial technology companies.
Those sanctioned are now subject to asset freezes and travel bans.
Alongside our allies, we will continue to crack down on malicious activity and call out criminals like Evil Corp, who seek to underline our prosperity and security.
Thirdly, I wanted to stress the importance of a whole of society approach.
And as a Member of Parliament, I see how cybercrime, these challenges affect the lives of my constituents on a daily basis, whether it’s in fraud, whether it’s in terrorism, recruitment of individuals. I’ve seen these aspects in the lives of my constituents over the last five years.
As this conference demonstrates, we’re taking every opportunity to bring a wide range of expert stakeholders into our work. Because cyber is not, of course, as you all know, just about the technology, it’s about the people who interact with it, people who come from all spheres of society and all parts of the globe
That includes those outside the realm of Government, who have huge pools of talent, expertise, innovation and enthusiasm to bring to the table.
And we have to make that advantage count through a whole of society approach to cyber. So this government is absolutely committed to work hand in glove with our partners in industry, in the development sector, in academia, in the not-for-profit sector and beyond.
And we’ve got an impressive story already to tell here and want to do even more on. Let me just reflect on a few examples.
Firstly, as Putin continues to wage an illegal war in Ukraine, we are working with Mandiant, Palo Alto Networks, CloudFlare, BAE systems, along with the government in Kyiv to bolster Ukraine’s resilience to Russian cyber attacks.
We’re drawing on world leading expertise from across the public and private sectors to protect Ukraine’s critical infrastructure and vital public services
But our partnerships with industry leaders are not just about addressing threats.
As the third largest exporter of cyber security services globally, there’s no doubting how important this sector is to our own economy, indeed to all of our economies, we need to stay ahead of the game when it comes to innovation, and as I’ve said, we have huge talent to draw on.
We will work with industry to make the most of the opportunities for British businesses, boosting prosperity and sharing our expertise with the world.
We’re leading the efforts through our National Cyber Security Centre to test ideas, enhance understanding and to engage with talented individuals from the private sector to shape our approach.
Of course, companies also have a crucial role to play in setting out responsible values and principles for their work. We know this is not a straightforward process.
So we will work with partners to find solutions to problems like the unregulated market for spyware that’s being used to target journalists and other civil society communities across the globe, violating human rights and ultimately undermining our free and open societies.
We’re bringing people together through the Pall Mall process - from states, industry and civil society to tackle the misuse of commercial spyware and other tools.
And besides those efforts to turbocharge our economy and shape the rules of the game, we want to work hard to level the playing field for people.
We want to be seeing cyber as an inclusive space where everyone can fulfil their potential.
That’s why we’re supporting schemes like the Caribbean Experts Fellowship - part of our wide-ranging work with the Commonwealth.
That scheme is going to support the brightest minds from across the region to shape the safe and prosperous cyberspace through academic research, opportunities, networking and more.
We’re also committed to close the gender gap in cyber because fundamentally, no country can achieve its full potential if it underuses 50% of its resources and talents.
And indeed, yesterday, on Ada Lovelace Day, the world celebrated the achievements of women in science, technology, engineering and mathematics, and I want us to celebrate those achievements every day and create fresh opportunities for women in every area of this work.
The UK already has some great projects around the world helping smooth the path for a new generation of female cyber experts to make their mark on this world - from our ‘Her Cyber’ project in Albania, which reaches out to girls at an early age through after school clubs and running right through to university level support, to our UN Women in Cyber Fellowship, which is sponsored with partners including Canada, US and Germany, to encourage greater female representation in negotiations in the UN First Committee.
So, I’ve gone through three key themes today. I hope they give you some insights to our thinking and direction of travel, as a new government.
But to conclude, we are living in a world, as I said at the beginning, that was unimaginable just a few decades ago.
It’s a world that’s ripe with opportunity when it comes to cyber, but of course, laden with challenge.
I’ve been glad of the opportunity today to be able to set out some of the ways in which the government will make the most of those opportunities, together with you, while meeting challenges head on through partnerships spanning the globe, demonstrating what a responsible approach looks like, and collaborating with those outside the government who have so much to bring to these efforts.
That’s how we can ultimately keep our citizens safe, help our economies to flourish, protect our security and stand up for our values.
So once again, I want to welcome you all here today to add my support to your efforts today to discuss these important issues, and to give our commitment as a new government to work with all of you as we develop our capabilities to respond to those threats and opportunities in the future.
Thank you very much.