On Thursday, the United Kingdom goes to the polls to vote on one of the most important and contentious referendums Britain has ever seen. No matter what the result is, to remain or leave the European Union, when we wake up on Friday morning there could be a host of changes to the business, economic, social, and political landscape in which we live and work.

We know that all major world events have an impact on all our clients to some degree and we regularly assess these as part of the intelligence we provide, so what impact might the referendum have on cybersecurity in Britain? Using factors related to legislation, law enforcement, the movement of people in relation to employment, trade with EU member states and the perception of threat actors towards a post-referendum Britain, we have assessed some plausible scenarios

The UK votes to leave the EU

Should the UK vote to leave on 23 June 2016, the immediate implications could include a capital flight from the United Kingdom within the technology sector. Furthermore, it is possible that changes in the migration of technologically skilled individuals into the UK will have an impact on the number of migrants from EU member states that are employed by UK companies.

Despite these plausible changes, international information assurance standardization will remain in place regardless of the referendum result, which will likely help stabilize the UK technology sector and ensure continued investment in this space.

In the longer term, approximately four years after the UK voted to leave, there is a realistic possibility that the UK would become a safe haven for cybercriminals, given the lack of extradition legislation between the remaining members of the EU and UK. This would largely be due to the likely loss of instruments – such as the European Arrest Warrant – and likely delays in the negotiation of new treaties to replace it.

It is possible that the environment in the UK after a leave vote would create a uniquely British cybercriminal culture, including UK cyber-enabled fraud continuing to develop. Internet connectivity and software licencing agreements between the EU and US are likely to remain unaffected by a leave vote in the 23 June 2016 referendum.

At around 2022, and in the event of a vote to leave the EU, it is possible the UK cyber market will have returned to normal running activity and it is possible that new treaties and agreements would have been implemented – mitigating the effects felt in the six years after a leave vote in the referendum. Despite this, it is possible that a cybercriminal community would continue to develop in the UK, with targeting occurring in the European Union.

The UK votes to remain in the EU

On the other hand, if the UK votes to remain in the EU, the immediate implications would possibly be market relief, which causes a new wave of investment into both the start-up and established tech sector in the UK, although investment looking for a non-EU connected country looks elsewhere for opportunities.

Skilled migrants will possibly see the UK as an appealing destination within an increasingly nationalistic EU. UK information assurance will continue to be developed and globally adopted in developing markets.

Subsequent to the immediate implications, approximately four years after the referendum, investment in UK business will possibly increase, which would plausibly stimulate cyberattacks operating outside the region to target the UK.

This criminal activity will possibly take two distinct forms. Regional specific malware targeting the UK user such as cryptolocking campaigns that only deploy on UK English configured Operating Systems. Advanced threat groups targeting critical components of major financial institutions in the UK, such as SWIFT connections.

Despite this, the UK cybercriminal scene will not receive a stimulus to grow significantly and will likely remain focused on its current trajectory. A vote to remain is unlikely to have a long-term impact.

Whatever the outcome, the business world in the UK will change after Thursday, but you can request a full report by emailing [email protected].

Language of uncertainty 

As with all of our intelligence products, we assess probability using qualitative statements from a defined matrix, known as “the uncertainty yardstick”. In order to give the reader perspective, each of these statements is associated with a probability range.

Qualitative Statement Associated Probability Range
Remote or Highly Unlikely <10%
Improbable or Unlikely 15-20%
Realistic Possibility 25-50%
Probable or Likely 55-70%
Highly/Very Probable/Likely 75-85%