Skip to the content

Government mandates ‘secure by design’ for Whitehall digital systems


Mark Say Managing Editor

Get UKAuthority News


Oliver Dowden
Image source: Rory Arnold, No 10 Downing Street, CC BY 2.0

Deputy Prime Minister Oliver Dowden has said the Government is now mandating the use of a ‘secure by design’ approach for central government digital systems.

He made the announcement in a speech at an unspecified event along with a claim that Russian hackers have been behind hostile cyber operations to interfere with the UK’s democratic processes.

Secure by design involves alternate security strategies, tactics and patterns being considered at the beginning of a software design and the selected ones being used as principles for developers. While it has been moving into the mainstream and is now widely used in government, Dowden’s announcement indicated it will now be compulsory.

He said the move is critical given the long running trend to make government services digital by default.

“The challenge is to make those digital systems secure by design and to embed effective cyber security practices into our digital delivery,” he said. “That’s why I am announcing today that we will make security everyone’s responsibility and make secure by design mandatory for central government organisations.

“This approach is already inspiring our partners around the world and, like our earlier digital revolution, is likely to be emulated around the world. Your role in embedding this approach at home will be crucial.”

Centre 18 hostilities

Dowden said the Russian cyber attacks have come from a unit within the country’s Federal Security Service known as Centre 18, and have targeted MPs, civil servants, thinktanks, journalists and non-governmental organisations. The group has selected leaked and amplified information designed to undermine trust in politics in the UK and elsewhere.

In response, the Foreign Office has summoned a senior representative of the Russian government and “appropriate sanctions” have been levelled.

The deputy prime minister also highlighted efforts to build cyber security skills in the UK, including apprenticeship and fast stream programmes. These come in response to an estimated national shortfall of around 14,000 professionals in the field.

“We need the experts of the future to be coming up, through that pipeline, to meet the challenges of the future,” he said.

Register For Alerts

Keep informed - Get the latest news about the use of technology, digital & data for the public good in your inbox from UKAuthority.