techUK today published refreshed guidance on 'Examining Cyber Security Export Risks'. Originally published in 2015, the updated guidance provides cyber companies of all sizes with actionable advice designed to help them identify and manage risks of exporting a wide range of products and services in the cyber domain.
Exports of cyber technologies and solutions are a significant opportunity for the UK economy. This has been recognised by Government who, through the Department for International Trade (DIT), released its Cyber Security Export Strategy in 2018. The Strategy acknowledges that the UK operates one of the “most robust” export control regimes in the world and risks around human rights abuses are a key part of the assessment process that UK companies operate. There is a wide array of cyber capabilities, ranging from cutting-edge defence capabilities to basic cyber hygiene for citizens. Some of these cyber capabilities can be abused and used inappropriately by the end user and, therefore, pose a risk to human rights, national security, and to the reputation and legal standing of the exporter.
This guidance explores how companies should adapt their own due diligence processes to consider human rights risks and argues that companies should always look to engage with the Export Control Organisation whilst exporting. It also encourages UK companies to collaborate and share lessons learned to the benefit of the UK cyber sector, through organisations like techUK.