Future UK Cyber Security Strategy

This project examines future options for the UK government as it formulates a new Cyber Security Strategy post-2021.




Main Image Credit Global communications


The UK is approaching a milestone in its cyber security journey. The UK’s second National Cyber Security Strategy (NCSS), established in 2016 and underpinned by £1.9 billion of investment in transformational activities, ends in 2021.

After 2021, there is the possibility that cyber-related issues will be ‘mainstreamed’ within UK government and there may not be the same need for a dedicated and centrally-managed investment programme.

Main Image Credit Global communications

Aims and objectives

The project brings together a network of partners from the UK government, public sector, private sector, research, and academia. The research will:

  • Explore future options for the UK cyber security strategy
  • Consider how the UK can embed and build upon its existing work in cyber security
  • Assess the advantages and disadvantages of ‘mainstreaming’ cyber security investment
  • Evaluate future roles and responsibilities of the public sector, private sector and individual citizens in cyber security
  • Assess where future UK investment in cyber security should be distributed


RUSI is conducting further primary research to inform future policy development relating future UK cyber strategy. This includes work on benchmarking the existing UK cyber strategy against other relevant national cyber strategies. Considering the above, this project will seek to explore the following research questions:

  • What should be the role of government in an area like cyber security?
  • What should the role of the private sector and wider society be in an area like cyber security?
  • What should the UK’s international approach to cyber security look like?
  • What else can be done to raise core standards in cyber security?
  • How can the UK introduce effective policy and a strategic framework in relation to offensive cyber?
  • What different strategic approaches are relevant nations currently taking to mitigate cyber risks? What lessons can be learned?


This project will combine literature review, stakeholder interviews, and survey methods to provide insights into national cyber strategies. This will be achieved by engagement with a global cross-section of society, including policymakers, cyber security experts, and wider society.

Project outputs


Access the key publication outputs for this project.

5G Cyber Security: A Risk-Management Approach

Huawei, Not All the Way

clock5 Minute Read
View onlinechevron-right

The UK Cyber Strategy: Challenges for the Next Phase

There's More to Cyber Than Huawei

clock6 Minute Read
View onlinechevron-right

WhatsApp Hack Calls into Question Government Use of Commercial Spyware

clock7 Minute Read
View onlinechevron-right

Organising a Government for Cyber: The Creation of the UK’s National Cyber Security Centre


Explore related projects

Tackling Cyber Fraud

Globalisation of Technology

Incentivising Cyber Security Through Cyber Insurance