The UK’s cybersecurity industry had an outstanding performance in the past financial year, showing a 12% increase in revenue, reaching £13.2bn. According to the UK Cyber Security Sectoral Analysis 2025, compiled from a variety of data sources, including Companies House data and telephone surveys, the sector’s growth underscores its critical role in the national economy. The report revealed that 2165 cybersecurity firms are currently operating in the UK, an increase of 74 from the previous year. The majority of these firms (59%) offer services, while a quarter (26%) focus on products, 12% are managed security service providers (MSSPs), and 3% are resellers.
Despite the remarkable growth, the report highlights ongoing challenges faced by the cybersecurity industry, particularly in terms of workforce development.
A lack of technically skilled candidates (47%) and unaffordable salary demands (46%) were identified as the top two challenges by the firms. Additionally, competition from rival businesses was cited by 39% of firms as a persistent issue. This shortage in skilled talent is reflected in the widening skills gap, which grew by 27% last year, reaching 93,000 unfilled positions in cybersecurity, according to an ISC2 study.
This gap includes cybersecurity professionals working outside the sector, underscoring the industry’s struggle to meet demand.
The UK’s cybersecurity sector has also contributed significantly to the broader economy, recording a 21% increase in gross value added (GVA) to £7.8bn. This metric reflects the sector’s contribution to the economy, excluding the value of the inputs used in its production. The industry also saw an impressive addition of 6600 full-time jobs, marking an 11% annual increase. With a total of 67,300 employees now in the sector, the UK’s cybersecurity industry is poised for further growth. While 26% of UK cybersecurity firms operate internationally, the majority are focused on the EU and the US markets, signaling the global demand for cybersecurity expertise.
However, the report also sheds light on significant challenges that must be addressed to sustain future growth. The sector continues to suffer from regional disparities in terms of resources and investment, with some areas lacking the necessary support for research and startups. Many small and medium-sized enterprises (SMEs) still underestimate the importance of cybersecurity, assuming they are not a target for cyberattacks. Historically, smaller businesses did not prioritize cybersecurity services, and the sector did not focus enough on providing services tailored to their needs. However, the growing recognition of cybersecurity threats means this is changing, but these businesses remain a key area for future development in the sector. Addressing these long-standing challenges will be critical for the continued growth and success of the UK cybersecurity industry.
Reference:
