The UK’s cyber security sector continues to grow strongly, according to a Cyber Security Growth Action Plan, published by the Department for Science, Innovation and Technology (DSIT). The report for Government was by Bristol University and Imperial College London, as an analysis the authors said for ‘the interventions needed to further develop the UK’s cyber security sector’.
The 90-page document notes ‘astonishing’ development of data and AI, and cautions that ‘much of this happening without adequate attention to cyber security’; and points to ‘damaging cyber-attacks continuing to be in the news’. The report adds: “AI is already becoming a key part of the toolkit for both attackers and defenders, with implications that are still poorly understood . There is the potential scale and sophistication of AI-driven attacks, the question of where accountability will lie should we need to rely on autonomous AI systems in defence and the possibilities of all kinds of collateral damage.”
Among ‘cyber sector-specific challenges’ that can slow down cyber firms, the report points to how ‘lighthouse’ customers – especially government departments – can be critical for many companies but difficult to achieve. “Many face strategic trade-offs, perhaps having to choose between developing sovereign solutions for national security customers or focusing on the export market.” Businesses, meanwhile, may see cyber as a cost; and not pay attention to the fundamentals or follow the Government’s baseline standard, Cyber Essentials. While the authors see a ‘generous, energetic, and nurturing cyber community’, they also state that it’s fragmented ‘with no single group able to represent the aggregated interests of cyber suppliers, different sectors, cyber professionals, government, research, and civil society’. The report sets out what more can be done. The report argues that opportunities for growth lie in ‘AI, cyber physical systems and tools that lower the burden for organisations to have a fundamental level of security and resilience’.
Market
As for the size of the market, in 2024 the UK cyber security products and services sector grew by 12 per cent to £13.2 billion, according to DSIT. Despite the rise in supply and demand for cyber, incidents are also more frequent.
Recommendations
Among the report’s recommendations, it says ‘Government should use guidance and regulations to stimulate growth by setting expectations for high quality reporting of cyber risks, consulting on mandating the use of Cyber Essentials, and encouraging usage of cyber insurance’. The report suggests that the Government should review whether amendments to the Computer Misuse Act (the law dating from 1990 still covering hacking) can be made to address the negative impact it has on skills development.
For the full document, visit the DSIT website.
