Cyber Cluster Operating Framework

Working with cyber cluster leads from across the UK, the UKC3 has developed an agreed operating framework for Cyber Clusters. As part of becoming formally recognised and funded by UKC3, a Cyber Cluster must operate in line with the framework. The framework comprises a common set of principles, objectives and outcomes that provide a clear definition of a Cluster’s remit and objectives, enabling stakeholders to better understand and support the work that Clusters do in developing and growing their local cyber ecosystem.

Background

The purpose of this document is to define a common operating framework which Cyber Security Clusters across the UK can align to. The framework comprises of a common set of principles, objectives and outcomes that provide a clear definition of a Cluster’s remit, helpful when engaging with other organisations operating within the region such as Cyber Resilience Centres and Local Enterprise Partnerships.

A key driver behind defining this framework is that it will enable central government (in particular DCMS) to better understand and support the work that Clusters do in developing and growing their local cyber ecosystem.

It is important to note that whilst having a common set of principles and an agreed strategy is advantageous, in order to be most effective Cyber Security Clusters must retain the autonomy to determine priorities as appropriate for the region and membership that they represent. As such, the points defined in this document are not intended to be a prescriptive set of rules that all Clusters must rigidly adhere to. Instead, they should be viewed as a framework for Clusters to operate within.

Starting with the output from the DCMS commissioned report into UK Cyber Security Clusters conducted in Summer 2020 by Atkins, the operating principles outlined in this document have been defined and refined by the Cluster Collaboration Group (CCG). Membership of the CCG is open to all UK Cyber Security Cluster leaders and is formed of:

  • Kerrianne Gauld, Bristol & Bath
  • Richard Yorke, CyNam (Cheltenham) – Chair
  • John Davis, Cyber Wales
  • Gary Woodman & Linda Smith, Midlands Cyber/Worcestershire LEP
  • Phil Jackman, North East
  • Judith Millar, Northern Ireland
  • Stewart Benger, Oxford and Thames Valley
  • Darren Chapman, Norfolk
  • Ciara Mitchell, Scotland
  • Robin King, South West
  • Mark Pearson, Surrey Cyber Security Cluster
  • Brea Woods, Swindon & Wiltshire
  • Melanie Oldham, Yorkshire – Vice-Chair & Comms
  • Rebecca Bryant, DCMS

1. Mission Statement & Core Principles

Mission Statement

UK Cyber Security Clusters serve as a platform for innovation and collaboration within their geographic region, with the goal of developing the Cyber ecosystem and driving economic growth. They do this by providing opportunities for networking, knowledge exchange, sharing of best practice, and identification of opportunities for regional and ultimately national growth, whilst working across public, private sectors and academia.

Core operating principles

The principles below form the basis against which Cyber Security Clusters will operate. These principles will be upheld by all clusters however, each cluster has the autonomy to determine priorities as appropriate for the region and membership that they represent.

As an overarching principle, Cyber Security Clusters must at all times operate in the interests of the regional cyber industry/community as a whole and not individual business interests.

No. Principle Description
1 Act as a regional voice for cyber organisations Promote regional issues at a national level and be the collective voice. CSCs can do this by providing opportunities for discussion and challenge, using public and private networks to connect people.

Via the Cluster Council provide a regional voice, perspective and intelligence to contribute to the development and delivery of national cyber security policy.

To achieve this Clusters must be locally grounded and build trusted relationships with regional businesses.

2 Promote Collaboration and Knowledge Exchange Share best practice and raise regional understanding around key cyber issues including both technical and non-technical advancements in capability. CSCs can do this by providing opportunities for discussion and knowledge exchange these could be within the sector or imparting knowledge into another sector (e.g. through regional events).
3 Champion major cyber issues Be a regional driving force that challenges organisations and individuals to think about and tackle major issues such as diversity in the cyber sector. Clusters can do this by working with the wider regional ecosystem to set goals and provide opportunities for all to be heard.
4 Incentivise and showcase cyber innovation Encourage regional cyber innovation and share knowledge across the ecosystem. Clusters can do this by providing opportunities for knowledge exchange and creating awareness of public and private incentives for innovation.
5 Promote the regions’ cyber specialism and focus for the national benefit Drive regional growth and innovation and help make the region a great place to do business. CSCs can do this by having an online presence, share best practice, provide opportunities for collaboration, promote and market regional success, and collaborate outside of the region.
6 Support UK cyber initiatives and act as a filter for national updates Engage with government to help shape and then promote government initiatives to accelerate regional cyber ecosystem growth. Clusters can do this by updating membership frequently on new initiatives and engaging with national Government.
7 Work with Regional Cyber Crime Units and Cyber Resilience Centres (CRCs) to support the reduction in scale and impact of cyber crime in the region Raise awareness of cyber resilience and cyber crime reduction capability and activity being developed and offered by companies and organisations operating in the region. CSCs can do this through collaboration with their RCCU and CRC e.g. by taking a place on their Strategic Advisory Board.

2. Objectives and Outcomes

Objectives

Raise awareness and understanding of cyber activities within the region at both a national and international level

Support the development of a healthy and diverse talent pipeline into the Cyber industry

Support the creation, development and growth of new and existing cyber businesses in the region

 Support and promote cyber research and innovation activities in the region

Outcomes

On a regional and national level there are several outcomes, highlighted below, that are delivered and/or supported by Clusters operating in line with their core principles and the above objectives. The development of a UK wide strategy and business plan for Cyber Clusters will aim to define tangible KPIs against which progress can be measured and support directed to the right areas.

There is a healthy number of new entrants into the cyber market

Investment into the cyber sector both regionally and nationally is increasing

Locally based cyber companies are supported and connected into the national picture

There is a good pipeline of skilled cyber professionals coming into the industry