DCMS cyber security newsletter – December 2022 – GOV.UK

We use some essential cookies to make this website work.
We’d like to set additional cookies to understand how you use GOV.UK, remember your settings and improve government services.
We also use cookies set by other sites to help us deliver content from their services.
You can change your cookie settings at any time.
Departments, agencies and public bodies
News stories, speeches, letters and notices
Detailed guidance, regulations and rules
Reports, analysis and official statistics
Consultations and strategy
Data, Freedom of Information releases and corporate reports
Published 2 December 2022

© Crown copyright 2022
This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.
Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.
This publication is available at https://www.gov.uk/government/publications/dcms-cyber-security-newsletter-december-2022/dcms-cyber-security-newsletter-december-2022
This month marks the one-year anniversary of the government’s £2.6 billion National Cyber Strategy 2022, which set out the government’s vision that the UK continues to be a leading responsible and democratic cyber power. Our work at DCMS is central to the delivery of the strategy, including leading on the Ecosystem and Technology pillars of the strategy and I am pleased about the progress we have made over the past 12 months.
Part of this is our work on helping the UK adopt secure connected places technology and smart cities, which harnesses the power of data to improve how we run the places where we live, work and learn. I was fortunate enough to attend the Smart Cities Expo World Congress in Barcelona in November where I met many people and organisations from across the sector. This was a great event with attendees from all over the world coming together to discuss the opportunities and challenges of this technology. As part of the visit, I had the opportunity to participate in a couple of panel events focusing on the importance of security in connected places, alongside colleagues from our External Advisory Group, and Westminster City Council, who we are working with on our ongoing Secure Connected Places Research project. Overall, the event was a great success, and I look forward to seeing an even stronger UK presence for the 2023 Congress.
Also last month I am happy to say the new Product Security and Telecommunications Infrastructure Bill finished its passage through Parliament and is set to become an Act. As more of the products we buy are connected to the internet it is critical consumers and businesses have confidence that they have the necessary protections in place. With this Bill the UK has made history by developing the first ever legislative regime mandating minimum cyber security standards for consumer products.
Erika Lewis
Director, Cyber Security and Digital Identity
The government has announced that the Network and Information Systems (NIS) Regulations will be strengthened to protect essential and digital services against increasingly sophisticated and frequent cyber attacks. 
The response to a public consultation held earlier this year explains how managed service providers (MSPs) – which provide IT services such as security monitoring and digital billing – will be brought within scope of the regulations. MSPs can have privileged access to their customer’s IT networks which makes them an attractive target for cyber criminals. The changes include measures to boost security standards and increase reporting of serious cyber incidents to reduce risk of attacks causing disruption. The laws will be updated as soon as Parliamentary time allows.
The Product Security and Telecommunications Infrastructure Bill has finished its Parliamentary passage and is expected to become an Act in the coming weeks. This will help protect citizens, networks and infrastructure against the harm caused by insecure consumer “smart” products.
The law will require manufacturers to: 
The National Cyber Security Centre (NCSC), with support from DCMS, the Home Office and the police, have relaunched the Cyber Aware campaign to encourage the public to shop online securely in the run up to Christmas. This comes as new figures revealed victims of online shopping scams lost on average £1,000 per person in the same period last year
The key messages of the campaign are:
You can support the campaign by sharing posts from the NCSC Twitter and LinkedIn channels or by using the materials on the campaign resource website.
The Department for Education is inviting training providers and employers to apply to deliver Skills Bootcamps. Skills Bootcamps are free courses for adults typically lasting up to 16 weeks. They help people develop priority skills that are in demand at both local and national level.
Last financial year more than 50 suppliers were awarded funding from a pot of £68.2 million to deliver the Bootcamps to thousands of adults in a range of high-value sectors, including digital logistics, manufacturing and construction. Significant investment has been committed by the government to scale up Skills Bootcamps from 2022 to 2025 and the first competition in 2023 will be for digital skills. We know from the Cyber Security Labour Market Survey that career changers are the second largest route into the cyber workforce after graduates, and Skills Bootcamps are an important gateway for our sector.
To bid for contracts you will need to apply to qualify for the dynamic purchasing system, which is supporting the Bootcamp procurement.
The University of Nottingham and Queen Mary University of London are conducting a short survey to investigate organisational awareness and readiness to adopt technologies based upon Digital Security by Design (DSbD).
This survey seeks to explore organisations’:
The work is contributing to an 18-month project funded by Discribe, the DSbD Social Science Hub+, part of the UK government’s DSbD Programme and the findings will support the development of a Self-Assessment Tool for organisations to profile their awareness of DSbD and potential opportunities for incorporating it. The survey is open to all businesses and individuals to take part.
Plexal has introduced the DCMS-funded Cyber Runway Ignite programme to support exceptional cyber startup founders. It builds on Cyber Runway, the largest cyber startup accelerator in the UK, and differs with a specific leadership enhancement focus – rather than that of the businesses.
Six ambitious founders have been chosen to form the first Cyber Runway Ignite intake of innovative security talent from Plexal’s extensive cyber community, which has been built through programmes such as Cyber Runway, NCSC For Startups and LORCA.
The Ignite programme aims to help the cohort upskill in areas that’ll enhance their leadership and subsequently grow their businesses to unlock prosperity for their employees and communities, inspiring other early-stage entrepreneurs in the process.
DCMS cyber security minister Julia Lopez spoke at a Cyber Essentials showcase in November to celebrate the awarding of the 100,000th Cyber Essentials certificate.
Speaking to an audience of large and small businesses, government departments, trade bodies and charities, Minister Lopez highlighted how the scheme had benefited organisations of all sizes, including a nursing home in Liverpool, a domestic abuse charity in the Midlands and a charity supporting those with visual or hearing loss in Scotland.
She also noted how Cyber Essentials was helping to address supply chain risks and how the new Cyber Essentials Pathways pilot was exploring how to make the scheme more accessible to a wider range of organisations.
DCMS recently attended the 2022  Smart Cities Expo World Congress in Barcelona in November. The event attracted over 20,000 attendees from 134 countries across the globe. As part of the Congress, DCMS participated in events including a roundtable discussion with the G20 Smart Cities Alliance, bilateral engagements with South Korea, and an interview with the organisers of the Expo. 
 DCMS were also privileged to host a centre stage panel event focusing on the cyber security of connected places. DCMS were joined by speakers from Connected Places Catapult and Westminster City Council, who are working alongside DCMS on their ongoing Secure Connected Places Research Project. 
 For more information, please visit the government’s new secure connected places collection page.
In November, Government and industry came together for the first meeting of the new National Cyber Advisory Board (NCAB) to discuss how they will protect and promote the UK’s interests in cyberspace, including how best to counter growing cyber threats.
The Board will champion a ‘whole-of-society’ approach to cyber and will work closely with the Government’s National Cyber Security Centre, which is already running campaigns and training for business, Government and consumers to build cyber resilience. 
Chair of the Board and Chancellor of the Duchy of Lancaster, Oliver Dowden, highlighted the importance of NCAB in “bringing leaders from across industry, the third sector and academia to share information and expertise on how to build and protect our digital economy and services.”
The Secure Connected Places team at DCMS have launched a new landing page on gov.uk to help keep you up-to-date on their work supporting the cyber security of connected places and smart cities.
The page will feature information about the team’s current and future projects and enable access to their research. It also includes a contact email if you have any questions or comments for the team.
DCMS is currently recruiting seven Policy Advisors in Cyber Security & Digital Identity across both the London and Manchester offices. These roles will help drive an ambitious digital agenda to make Britain the most connected, tech friendly, innovation-driven, digital skilled and cyber-secure country in the world.
The deadline for applications is 9am on Monday 5 December.
Don’t include personal or financial information like your National Insurance number or credit card details.
To help us improve GOV.UK, we’d like to know more about your visit today. We’ll send you a link to a feedback form. It will take only 2 minutes to fill in. Don’t worry we won’t send you spam or share your email address with anyone.


Leave a Comment