Britain’s cybersecurity policy needs common sense, not just cash | John Naughton

Announcements by the chancellor about funding are all well and good, but simple legislative action might have more effect

On Tuesday, the chancellor, Philip Hammond, announced that the government was "investing" 1.9bn in boosting the nation's cybersecurity. "If we want Britain to be the best place in the world to be a tech business," he said, "then it is also crucial that Britain is a safe place to do digital business" Just as technology presents huge opportunities for our economy - so to it poses a risk. Trust in the internet and the infrastructure on which it relies is fundamental to our economic future. Because without that trust, faith in the whole digital edifice will fall away."

Quite so; cybersecurity is clearly important. After all, in its 2015 strategic defence and security review, the government classified "cyber" as a "tier 1" threat. That's the same level as international military conflict and terrorism. So let's look at the numbers. The UK's defence budget currently runs at 35.1bn, while the country's expenditure on counterterrorism is now running at about 3bn a year. That puts Hammond's 1.9bn (a commitment he inherited from George Osborne, by the way) into perspective. And the money is to be spent over five years, so an uncharitable reading of the chancellor's announcement is that the government is actually investing just under 400m annually in combating this tier 1 threat.