UK defence and cyber security leaders have urged the IoT industry to play a central role in strengthening the nation’s digital defences, warning that the boundary between commercial technology and national security has all but disappeared.
At the IoT Security Foundation Annual Conference in London, speakers called for a new model of collaboration between government, industry, and academia — one that matches the speed and innovation of the private sector with the scale and responsibility of national defence.
Grace Cassy, a former diplomat and external reviewer on the 2025 Strategic Defence Review (SDR), said the UK’s ability to deter emerging threats now depends on the resilience of its digital and industrial base. “Militaries don’t win wars, economies do,” she said. “Without the private sector’s engagement, we won’t realise the vision we’ve set out.”
The SDR, published in June, highlights five domains of warfare — land, sea, air, space, and cyber-electromagnetic — and calls for a “return to war-fighting readiness”. Cassy explained that the goal is not militarisation, but deterrence through readiness and capability.
Drawing lessons from Ukraine, the review recommends creating a new Cyber and Electromagnetic Command to coordinate both defensive and offensive operations, as well as overhauling how Defence works with the technology ecosystem.
“Procurement needs to move at the speed of innovation,” Cassy said. “The current six-year cycle for new capabilities is no longer sustainable. We’re recommending two-year cycles for major systems and three months for digital capabilities.” She added that Defence should shift from rigid, prescriptive specifications to open “problem statements” that encourage co-development with suppliers — especially small and mid-sized firms that currently struggle to engage with MoD procurement.
For IoT vendors, integrators, and solution providers, that shift could open the door to new partnerships in edge computing, AI-enabled sensing, and secure connectivity — areas where commercial innovation already outpaces government capability.
Charlie D., Technical Director for Hardware Security at the National Cyber Security Centre, (who declined to give his full name for security reasons) warned that as connected systems proliferate across sectors, insecure hardware and poorly configured devices are becoming national vulnerabilities.
“We are seeing a persistent tide of organised cybercrime,” he said. “Ransomware remains the most significant cyber threat to the UK. Many products marketed as secure are, in reality, leaky — and there’s often no accountability for poor design.”
The NCSC’s new Hardware Security Problem Book sets out four research priorities that align closely with IoT challenges: understanding device behaviour, improving assurance and traceability, embedding security into hardware design, and integrating trusted systems at scale. “Hardware security underpins everything,” Charlie said. “It’s the foundation of digital trust. Without it, everything else is fragile.”
He argued that the industry must treat hardware security not as an engineering constraint but as a competitive differentiator. “Hardware security isn’t the problem — it’s the solution. We need to make secure products sell. That’s not just a technical challenge; it’s a marketing one.”
The message to the IoT community was clear: security is now a shared responsibility, and commercial opportunity lies in solving it. As Cassy concluded, “Resilience is no longer just a defence priority — it’s an industrial one.”
There’s plenty of other editorial on our sister site, Electronic Specifier! Or you can always join in the conversation by commenting below or visiting our LinkedIn page.
