While it is uncertain the next future of United Kingdom in European Union, it is clear that Brexit would have a significant impact in cybersecurity.
di Federico Casano
This article aims to inform about four critical points that could lead to an increase of cybercrime in UK, weakening the defenses now in place: Regulations (e.g., GDPR), Intelligence (e.g., info sharing), Experts shortage (e.g., discouraged people), Devaluation of the pound (i.e., less acquisition of cybersecurity products).
(ITA version) Questo articolo intende informare su quattro punti critici che potrebbero portare ad un aumento della criminalità informatica nel Regno Unito, indebolendo le difese ora in atto: regolamenti (ad es. GDPR), intelligence (ad es. condivisione di informazioni), carenza di esperti (ad es. persone scoraggiate) , svalutazione della sterlina (cioè, minore acquisizione di prodotti di sicurezza informatica).
Regulations: Currently UK must comply with the General Data Protection Regulation (GDPR), a regulation in EU law for protection and privacy of European citizens data. Anyway, the changes brought about by the Brexit could replace the present guidelines modifying the position of the government for questions concerning data protection, privacy, and even cybersurveillance.
The government could opt for weaker policies that increase the risk of privacy violation.
Then, the private sector spent time and money to fulfill the new set of laws, so a further modification would result only in a worthless expense for them.
Intelligence: It is well known that Britain has a pivotal role in intelligence, but with Brexit this could change. For instance, what we can expect from Europol? So far, there is no an international agreement between the major powers of the world, and allied entities like Europol are essential for UK. Indeed, Europol allows countries in Europe to share precious information regarding cybercrime as well. If Britain will not be able to renegotiate its cybersecurity relationships across Europe (including Europol), the country could inexorably face an increase of cybercrime with significant costs for government, companies and citizens. Indeed, as demonstrated in these years in the cyber field, less information implies less awareness of the foreseeable risks, due to the lack of preparation, leading to more cyber-attacks,
Cybersecurity experts shortage: The discontent and worry of something not yet defined, the exit of Britain from European Union, have transformed the opinion of companies and citizens. Some firms are moving their offices from London to another country and people are discouraged from coming to UK for working.
For instance, EasyJet’s aircrafts now all seem to be registered outside the UK. However, it is more than just a point of view issue: The real problem for the UK IT industry will be the end of freedom of movement, plus the heightened xenophobia there that is making people leave even if they are entitled to live there. It is also increasingly difficult to get visas for people from India, China, Russia etc. If the companies just cannot get enough people who know how to write software at all – let alone security specialists – then all of industry and commerce will suffer. Hence, the absence of skilled cybersecurity “defenders” can be translated in less barriers for always more powerful criminals.
Devaluation of pound sterling: With the weakening of the currency, phenomenon described by the markets, the government can afford less investments, among which the ones for the cybersecurity sector.
For this reason, cyber criminals knowing that funds are essential to develop solid cybersolutions to contrast sophisticated attacks, will consider UK a coveted prey.
United Kingdom with Brexit desires to regain sovereignty, establishing itself as one of the most powerful nation in the world, but only with a robust economy the government can reach its supremacy.
However, we have already experienced what a group of hackers can do (e.g., WannaCry ransomware attack) and what are the economic damages for the country. Therefore, only applying an appropriate policy and solving the issues illustrated above, the country will be able to achieve the aspired results.