Updated: How will Brexit affect the cyber-security industry in UK and Europe?

The British public has voted to leave the European Union by a margin of 52 to 48 percent. Are there any implications for people working in the cyber-security industry?

What happens now that voters have pressed the Brexit button?
What happens now that voters have pressed the Brexit button?

With the 52 percent to 48 percent vote in favour of Britain leaving the European Union today, what are the implications for information security and assurance, the fight against cyber-crime and the development of the cyber-security tech industry in the UK?

One person who thinks it will be bad for cyber-security and technology in general is Simon Crosby, CTO and co-founder of Bromium. He told SCMagazineUK.com: “The incredible technical talent in the UK just became a lot cheaper for foreign countries to hire. Sadly, they will suffer as their standard of living drops, and their opportunity to live and work in other countries in Europe is restricted. Ultimately, I expect many of them to leave the UK permanently for countries that will pay what they are worth, such as the USA.”

And Crosby added: “There is another longer term worry: Over a third of research funding for universities in the UK comes from the EU. In the absence of new funding from the UK government, there will be a huge impact on university's ability to deliver highly skilled tech workers to the UK economy."

Anticipating the possibility of this outcome, Tripwire conducted a poll of information security professionals at InfoSecurity Europe 2016. Of 278 people questioned, 64 percent said that there would basically be no change as a result of an exit vote.

“Most information security professionals appear unconcerned with the impact of this referendum on UK cyber security,” said Neil Harvey, vice president of EMEA at Tripwire. “This could mean that they believe that the UK's approach to cyber security won't change significantly either way, but it's also possible that EU hasn't provided enough transparency around the impact of new regulations in the near term to make a difference to professionals that grapple with these issues every day.”

Meanwhile, 38 percent of those who work in IT security fear that the outcome will make the UK more vulnerable to cyber-attacks since they no longer benefit from intelligence sharing with other EU states, according to research from Unified Security Management and AlienVault.

The survey of 300 IT security professionals at InfoSec also found that 52 percent believe they will still have to comply with EU legislation in the wake of Brexit.

The BCS, the chartered institute for IT, said the results would have “significant long term implications for the UK”. The organisation will work with its members to develop a vision for the UK's digital future outside the EU.

David Evans, director of policy and community, commented: “We'll be talking to people across government – but especially in the first instance the Department for Business and the Department for Culture, Media and Sport – about what needs to be done and how we can help. We are already working on several projects around some of the key areas for negotiation – such as personal data regulation – and we have an important role to play as a community of people who want to make IT good for society and have understanding, capability, insight and creativity into the complex technical, commercial, legal and social issues.”

Speaking on how this might affect the General Data Protection Regulation (GDPR), Michael Hack, senior vice president of EMEA operations at Ipswitch, told SCMagazineUK.com, “Now the UK is out it will be governed by a different data protection regime, but it will still need to adhere to suitable data protection measures in order to transfer data to and from the EU. So in many regards, the requirements of the GDPR will still apply and it is back to the business of preparing for it, then.”

Adam Oldfield, EMEA financial service director at Unisys, commented on the impact of Brexit on GDPR and regulation: "Like any piece of regulation, the GDPR will come into effect and the industry will find a way to comply. However, we can never be truly sure of what the long-term effects will be and in a few years the regulators may decide that it didn't have the desired effect and change it. Such is the nature of compliance in the digital world: the only certainty is uncertainty. There are those that contend that Brexit will be the death of regulation, and indeed of all the EU-mandated directives with which institutions in the UK must comply. But if the UK wishes to keep doing business with EU Member States, it will need to comply with these regulations, only without the ability to negotiate or challenge them."

At one point the pound had fallen to its lowest rate in nearly 30 years when it briefly touched US$1. 33 but it has risen since then and by mid-morning was trading at $1.38.

Mike Laven, CEO Currencycloud told SC that, “There's no doubt that the nation's decision to leave the EU has major macro-economic implications - Negotiations will be long and ongoing – and this uncertainty alone means we can expect significant volatility ahead."

Echoing sentiments of uncertainty, Simon Black, CEO, PPRO Group told SC, "In the UK, we now face years of uncertainty in the market. However, my advice would be to keep calm and carry on. Nothing will change for at least two years and all arrangements on a European level will work as they have until now."

Mark Carney, governor of the Bank of England gave a statement to BBC News and said he is “prepared to do what it takes to stabilise the economy and restore the value of the pound.”