Does the Cyber marketplace need regulating?

Over the course of the Autumn/Winter conference season, I’ve continued to have discussions with colleagues, peers and the like about how the Cyber marketplace can be made to work more efficiently. The theory runs that UK Plc does not really understand the implications of the cyber threat, and so does little to intelligently consume protective practices and technology.  The reason why this is important is entirely a macroeconomic one: if the UK can emerge from this period of economic instability as the flag bearer for cyber security, and is seen as a safe place to do business, it will attract inward, high-tech and therefore high margin investment.  Not for nothing is Cyber a Tier-One threat: it is about the economic wellbeing of us all, not just the cash point networks going down.


At this point I should ‘fess up.  As a child growing up in the 1970s of working class stock, I am naturally disinclined to go for anything regulatory or that smacks of interference from Government (that’s ‘son of Thatcher’ to you and I).  My immediate reaction is that the market should decide.  Economic theory teaches us that the market knows best, and will provide, and Government should get out of the way.


My theory runs thus:

Regulation generally only benefits those players incumbent or big enough to lobby effectively.  I met someone senior in Government recently who said that a set of proposals put forward by one of the big ‘Cyber incumbents’ (I just made that tag up BTW) was so blatantly biased towards them as to provide some mild amusement around the unit it was presented to.  Regulation and standards stifle innovation and push SME organisations out of the way. I should like to remind you that innovation generally comes from the SME sector – it is their lifeblood, their differentiator – and point out the both Facebook and Google were once SMEs.   It is the SME sector that drives costs down through innovation.


And yet part of me remains uneasy with my stance.


This is far too serious a topic to get wrong.  Governments should only intervene when the market fails.  I’m not saying the market has failed, but the current economic situation does not lead to people making innovative decisions.  Innovation = risk, and right now, people are risk adverse. Which means they are innovation adverse.  So maybe market intervention is called for?  I don’t mean the Cheltenham lot.  They intervene where it’s (broadly) necessary.  I mean the likes of BIS (the DTi in old money) getting stuck in and demanding market changes.  I met some colleagues from BIS this week and it’s fair to say they are mulling this topic over quite seriously right now.  The trick is to intervene with upsetting a delicate eco system that doesn’t force out SMEs, that champions innovation and ultimately makes UK Plc safe.


I’m still a fan of zero intervention at heart, but my head is looking for something right now that just sets matters rolling.  I just hope it’s not too heavy handed.


About Graeme Stewart, McAfee

I work for McAfee as Director of Public Sector Strategy and Relations, UK&I
This entry was posted in Uncategorized and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s