The government has unveiled plans to invest £100m in cyber security research and development as part of a new drive to make hardware more secure.
The bulk of the funding (£70m) will be made available through the Industrial Strategy Challenge Fund in a bid to make security a key part of the design process for manufacturers.
The remaining £30m will be allocated by UK Research and Innovation with the aim of securing internet-connected devices. It is predicted that 420 million internet of things (IoT) devices will be deployed in the UK over the next three years.
Sign up to Emerging Threats, our weekly cyber security newsletter
One of the biggest flaws in IoT security today is to be found in home broadband routers, which cyber criminals have leveraged to create huge botnets and launch distributed denial of service attacks on businesses.
Greg Clark, the business secretary, said the investment could represent a “step-change” in cyber security in the UK: “With businesses having to invest more and more in cyber security, ‘designing in’ security measures into the hardware’s fabric will not only protect our businesses and consumers but ultimately cut cybersecurity costs to businesses.”
The government wants to increase the UK’s share of the global cyber security market, which is predicted to be worth £39bn in ten years’ time, and hopes the challenge will enable British entrepreneurs to do so.
Dr Ian Levy, the National Cyber Security Centre’s Technical Director, added: “[We’ve] been working closely with government to promote adoption of technology and practices to protect the UK. We hope this additional investment will drive fundamental changes to products we use every day. This is vital work, because improving hardware can eradicate a wide range of vulnerabilities that cause significant harm.”
Max Heinemeyer, director of threat hunting at Darktrace, said new government investment in research “comes not a moment too soon”. He added that while resourceful hackers “will always find a way in”, “increasing the resilience of hardware will make it more difficult for attackers to exploit certain devices”.
The announcement came as the government revealed it was investing a further £500,000 in the Cyber Security Immediate Impact Fund, a programme to equip people from underrepresented groups with the skills needed to work in the security industry.