Read the report
This report argues that the success of the new UK National Cyber Force (NCF) will be determined by the quality of the leadership, strategy, structures and processes that shape its growth and operational use.
The report places the creation of the NCF in the wider context in which cyber operations have become an increasingly prominent feature of competition between state and non-state actors. Of all the possible missions for the new force, the report argues that it should focus on counter-cyber operations and supporting the military, rather than pursue civilian infrastructure targeting.
The report argues that, in the UK context, the decision to forge a cyber force out of contributions from multiple agencies and departments was pragmatic, but the success of this model will depend on the exercise of leadership, coordination and a clear sense of shared priorities for the new force.
Key findings include:
- Despite the significant emphasis on offensive cyber in the recent UK Government Integrated Review, ambitions for the NCF should be realistic. Offensive cyber is but one of several components of cyber strategy. The starting point for a responsible, “democratic cyber power” should be improved cyber security and resilience.
- The NCF has a wide variety of possible missions, countering state threats, terrorism and serious and organised crime. It cannot pursue all these missions equally well. Priorities will need to be determined. A balance of counter-cyber operations and support to military operations is arguably the best (and least controversial) use of the NCF.
- There is a compelling argument for more active coordination and leadership of cyber strategy from the centre of government. The future of UK offensive cyber should be decided holistically by ministers, not by competition between the NCF’s constituent departments.
- The NCF will collaborate closely with allies such as US Cyber Command and the UK Government has repeatedly emphasised its commitment to contribute cyber capabilities within the NATO alliance. There remains a balance to be struck between what can be done with allies and what will require sovereign capabilities.
About the authors
Dr Joe Devanny is a Lecturer in National Security Studies and deputy director of the Centre for Defence Studies in the Department of War Studies (King’s College London).
Dr Andrew Dwyer is an Addison Wheeler Research Fellow in the Department of Geography (Durham University) and co-director of the UK Offensive Cyber Working Group.
Amy Ertan is a doctoral candidate in the Information Security Group (Royal Holloway), non-resident Visiting Scholar (NATO Cooperative Cyber Security Centre of Excellence), Cybersecurity Fellow (Belfer Center for Science and International Affairs), and co-director of the UK Offensive Cyber Working Group.
Dr Tim Stevens in a Senior Lecturer in Global Security in the Department of War Studies (King’s College London) and head of the KCL Cyber Security Research Group.
A panel discussion and audience Q&A to launch this report will be held live online on Tuesday 4 May between 3pm and 4.30pm. It will be chaired by Professor Lady Moira Andrews (KCL), with a panel including the report’s authors and invited guests, including Marcus Willett CB OBE (Senior Cyber Adviser at the International Institute for Security Studies, GCHQ’s first Director Cyber and former deputy head). Sign up for the event here.