Britain's strategy to bridge the cybersecurity void
The UK is taking strides to address the growing cyber security skills gap, particularly among young people. One of the most significant initiatives is the government's Cyber Growth Action Plan, launched in June 2025 with £16 million in funding to support cyber security innovation and skills development.
This plan targets small to medium-sized businesses and startups, aiming to improve access to modern cybersecurity tools and increase opportunities for partnerships in the sector. The National Cyber Security Centre (NCSC) and the National Protective Security Authority (NPSA) also collaborate on schemes providing tailored security advice to SMEs, contributing to a more vibrant industry environment and raising awareness.
Despite these efforts, the skills gap persists. In 2024, approximately 30% of UK cyber firms reported skills shortages, with critical areas like incident management experiencing increased gaps. The UK's cybersecurity workforce recently declined by 4.9% to 349,360 in 2024, indicating ongoing recruitment and retention challenges.
Experts believe that while government funding is a positive step, it remains modest relative to industry size. The £16 million Cyber Growth Action Plan represents about 0.1% of the UK cyber sector’s £13.2 billion revenue, suggesting current initiatives require scaling and expansion.
One such initiative is the Cyber Discovery program, aimed at 15 to 18-year-olds. The program, which encourages the best young minds into cyber-security, involves challenges around battling hackers and covers topics like digital forensics, defending against web attacks, cryptography, programming, and the ethics of hacking.
Another example is Qufaro, a cyber-training college that provides an add-on to the existing ICT curriculum, focusing on security. The course, focused on foundational skills and abilities, covers a spectrum of cyber-functions and capabilities the industry requires. Students completing the cyber EPQ course will receive an Extended Project Qualification (EPQ).
Industry leaders such as Anthony Chadd, head of EMEA Security Solutions at Neustar, support these government-backed initiatives and believe they will help address the current IT job-candidate imbalance. Chadd also pointed out that there are three times as many IT jobs as there are available candidates, and this is an issue that needs to be addressed quickly.
Phil Everson, head of cyber-risk at Deloitte, echoes this sentiment, stating that there is significant global demand for cyber-talent, but there are not enough skilled people to meet that demand. In response, Deloitte has pledged to pay the fees of any students who take on the cyber EPQ in 2017-18.
The Women in IT Awards is another initiative, coming to the US for the first time on 22 March 2018 in New York, and nominations are now open for the Women in IT USA Awards 2018.
In summary, UK initiatives to close the cybersecurity skills gap among young people center on government-backed funding programs like the Cyber Growth Action Plan, partnerships for SME support, and industry awareness efforts. However, experts call for more ambitious and expansive education and workforce strategies to meet the significant and growing demand for cybersecurity skills.
- The Cyber Growth Action Plan, a government-funded initiative, aims to address the growing cybersecurity skills gap in the UK by supporting innovation and skills development, with a focus on small to medium-sized businesses and startups.
- Experts believe that the ongoing cybersecurity skills shortage necessitates more ambitious and expansive education and workforce strategies, such as programs like Cyber Discovery for young people, and Qufaro, a cyber-training college providing foundational skills for students, which together could help meet the significant and growing demand for cybersecurity skills.
