How Government Support Aims To Boost The UK’s Cyber Security Sector

Despite being named one of the fastest growing and most in-demand professions in 2024, the cyber security sector is still facing an acute talent shortage with only 1 cyber security professional for every 86 businesses. With a talent shortage of cyber security professionals creating risk, families, businesses and even nations may not be able to protect themselves from cyber attacks.

The UK Government has shown commitment to investing in the cyber security sector over the past decade, with a number of packages and programmes aimed at attracting and training additional cyber security professionals and providing businesses with the resources to protect themselves. However, is this support for the cyber security sector enough and does more still need to be done?

The UK’s cyber security threat

According to the latest government figures, 50% of businesses and 32% of charities have had some form of cyber security breach or attack in the year up to April 2024. Furthermore, shockingly, in the past 5 years, UK businesses have lost £44 billion in revenue due to cyber attacks.

Cyber crime affects both the public and private sectors, with multiple large public organisations such as the NHS and the British Library experiencing cyber crime in the last few years. The increasing potential threat of cyber attacks has led to the British Army creating a Cyber Reserve Force, to protect the UK’s armed forces and the state against malicious cyber forces.

For many organisations, the effects of a cyber attack go beyond a monetary loss, affecting business and brand reputation, and market share. Cyber attacks have real consequences for the businesses that experience them.

Governmental support to the cyber security sector

Over the years, there have been a number of plans and strategies from the UK Government surrounding cyber security. Just some of the key investments and strategies over the years have included:

• The UK Cyber Security Strategy (2011) – which promised a £650 million investment into various programmes over 4 years to “promote the development… of skilled cyber security professionals… together with underlying research and development”.
• The National Cyber Security Strategy (2016) – which promised a £1.9 billion investment with the aim to launch the National Cyber Security Centre, support the British Army in setting up their cyber defences and invest in programmes to address the shortage of cyber security skills.
• National Cyber Security Strategy (2022) – which focused around implementing and improving government systems to protect and “harden” them against cyber attacks. It included a £2.6 billion investment to update IT systems and legacy tech across the Central Government. Additionally, the strategy planned to establish a National Cyber Advisory board to investigate and integrate cyber networks regionally to support growth and “business resilience” against cyber threats.

Each strategy and investment from the Government has aimed to improve the UK’s cyber security sector, implementing greater support and regulations for businesses to protect themselves. Continuous investment and support has helped to grow the sector to £11.9 billion.

To complement investments being made in the cyber security sector, the new Labour Government have announced proposals for a Cyber Security and Resilience Bill which aims to enforce cyber safety compliance by widening regulations and giving extra power to the National Cyber Security Centre (NCSC).

Combining both investments and tightening regulations highlights key concerns the current UK Government has around cyber security, and how they want to make the UK more secure in a world where cyber attacks are worsening.

Labour’s £1.9 million cyber security project support fund

Recently, the Government announced a £1.9 million investment to support 30 various new community projects across England and Northern Ireland this year. These 30 projects include focuses on:

1. Attracting neurodiverse talent into cyber security roles
2. Protecting vulnerable people from cyber related violence and abuse and encouraging them into cyber security as a career
3. Training and resources for small businesses to improve their cyber security practices and programmes to upskill workers
4. Youth engagement programmes including a “Cyber Explorers competition” aimed at secondary school aged students to encourage them into cyber security careers

Long term these projects aim to improve the UK’s cyber defences and ensure that all communities, throughout the UK and from various backgrounds, feel the benefits of this investment in the cyber security sector.

Why are these projects important?

The latest cyber security package provided by the Government is set to affect the sector in a number of ways. These funded projects are looking to address three key challenges in the cyber security sector.

Support for small businesses

Unfortunately, small businesses are often more vulnerable to cyber threats and attacks as they may not have as up-to-date and extensive security measures in place, with 43% of cyber attacks targeting SMEs for this reason. Additionally, around 75% of SMEs report that they would not be able to continue operating if they were hit with significant malware. Therefore, projects that specifically support smaller businesses to become more cyber resilient, to upskill their workers and increase their awareness around cyber safety measures will be incredibly important moving forward.

Diversify the cyber security community

A number of these projects will be targeting underrepresented communities in the cyber security sector, including women and neurodiverse talent. Some projects plan to provide resources to protect women and vulnerable groups from online abuse or attacks, but most aim to encourage these groups into cyber security careers.

Latest statistics indicate that the number of women in cyber security roles is dropping, with now only 17% of cyber security professionals being women, which is down from 25% in 2022. Whilst, demands for cyber security skillsets are fast growing, with a 128% increase in talent since 2021, this reducing share of women in the sector would suggest that not enough is being done to attract women to the UK’s cyber security sector roles.

A number of the projects are also looking into supporting and encouraging neurodiverse talent into cyber security roles. Around 11% of people in the UK are neurodivergent, with approximately 21% not being in employment. The UK’s cyber security sector need individuals who think differently and can approach potential cyber threats in alternative ways. This is why it is crucial for the cyber security workforce to be as diverse as possible.

Future pipeline of cyber security talent

Some of the projects are focused on developing interest amongst secondary school aged children to get them started on a path to careers in cyber security. Globally, around 4.8 million additional workers in cyber security are needed right now to fully secure businesses, so creating this pipeline of interested individuals who will enter the cyber security sector is crucial.

This support includes continuing the “Cyber Explorers competition” which focuses on youth engagement and encouraging secondary school students aged 11-14 to seek to understand what careers in cyber security can entail.

The future of the UK’s cyber security sector…

This latest support aims to increase the cyber security workforce and offer greater awareness and support to businesses who do not have the means for dedicated cyber security assistance.

Questions have been raised around the amount of investment in the most recent package, with Socura CEO arguing that £1.9 million for 30 new projects will mean that the money will end up being “thinly spread” across the UK. However, he agreed it is “a good start”, particularly as the projects focus on areas with reduced cyber security professionals such as in Northern Ireland, the Midlands, and North East England.

It is clear that while current government support may help to boost the cyber security sector in some capacity and greater regulations may help to reduce the threat of cyber attacks in the future, more will need to be done to fully secure the UK against future threats.

VIQU IT is an award-winning specialist cyber security recruitment agency. For help on finding the talent you need to protect your business, get in touch with our team here.