The government is considering ways that the UK's intelligence-gathering centre, GCHQ, could supply services to the private sector, according to security minister Baroness Neville-Jones, who was addressing the Commons Science and Technology Committee on Wednesday.
GCHQ is based in Cheltenham and employs leading scientists and cyber-security experts to monitor data from emails and telephone calls.
Committee chairman Andrew Miller told Computing that the UK is behind the US in the commercialisation of technology developed within the intelligence community.
"Baroness Neville-Jones' response was a positive one, and it shows that there are technologies that come from GCHQ that should be developed for broader commercial services, but have been kept under wraps," he said.
The RSA algorithm, used for public-key cryptography, is an example of a highly marketable technology that was developed by GCHQ but remained unexploited for security reasons. It was subseqently developed and sold by the US and is now widely used in e-commerce protocols.
"The algorithm RSA is a great example of how the Americans took what had been developed in Cheltenham and made a multi-million dollar business out of it – much to the detriment of the UK for missing the opportunity," Miller said.
"Americans are far better at recognising the commercial potential of their government's intellectual property, and it is something that would be of great benefit to us," he said.
"There are difficulties to achieving this. There is a lack of political will, for example. We ought to be ensuring maximum effort is put into sharing best practice across sectors, and business processes need to be reassessed," Miller added.
"Baroness Neville-Jones' response shows that she is thinking about this, but what is less clear is whether or not she has the answers."
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy