National shortage of skilled professionals leaves UK dangerously exposed to future cyber attacks
- White Paper urges action to remedy fragmented approach to cyber security skills
- Experts warn: ‘We won’t secure the UK digital economy with a 20th Century skills pipeline’
- Five recommendations made as to how Government can address urgent need
Systems for training the skilled professionals needed to secure the UK’s cyber data are no longer fit for purpose, industry experts have warned.
Sector specialists say that an outmoded and fragmented 20th Century training ecosystem risks leaving UK businesses dangerously exposed to 21st Century cyber threats. Government intervention is urgently needed to build the inclusive and sustainable cyber workforce of the future. A new approach would provide consistent role definitions, skills standards, and career progression across sectors.
The UK’s digital economy is growing rapidly and is central to the Industrial Strategy 2030 - yet cybersecurity remains one of the UK’s greatest skills challenges of the age. High profile cyber attacks are escalating - often resulting in devastating consequences to businesses as they introduce digital systems at speed. The UK’s fragmented cyber education and training system is leaving the country dangerously exposed.
As Government prepares its updated National Cyber Strategy, experts warn that joined-up thinking is urgently required to address the short-termism that has led to a national shortage of qualified cyber professionals and the absence of a unified skills framework.
A Parliamentary Roundtable on the Cyber Workforce earlier this year brought together a select group of senior directors from organisations including DSIT, UK Cyber Security Council, UKC3, SASIG, CIISec, BCS, and a host of other industry leaders and leading academic figures to look at ways of creating a future-ready UK cyber workforce.
A White Paper - published today by a leading cyber academic in collaboration with the APPG on Cyber Innovation - sets out 5 steps for the Government to secure UK cyber security skills for decades to come. The White Paper recommends that Government should:
- Establish a DSIT-led taskforce to co-create a UK Cyber Skills Taxonomy
- Establish a national delivery body to govern the taxonomy
- Incentivise employer adoption of standardised, skills-based recruitment
- Align education and career pathways to real-world cyber roles
- Scale regional skills alignment through a National Implementation Framework.
Dr Ismini Vasileiou, Director, East Midlands Cyber Security Cluster (EMCSC), Co-Chair, UK Cyber Cluster Collaboration (UKC3), and Associate Professor, ÃÛÌÒ´«Ãºmv Leicester, authored the paper. She said:
“Recent arrests in relation to cyber-attacks on M&S and Co-op show the real and growing threat faced by UK citizens and businesses.
“What doesn’t make the headlines is the UK’s chronic shortage of cyber professionals.
“There’s currently a mismatch between Government industrial ambition and educational reality. We won’t secure a 21st Century digital economy with a 20th Century skills pipeline.
“This is emerging as a critical situation for SMEs, which are the backbone of the UK economy but which are increasingly exposed as they race to meet modern digital expectations and standards.”
Dan Aldridge MP, Chair, APPG for Cyber Innovation, said:
“Building a resilient and digitally capable workforce is fundamental to our country’s economy, and future workforce.
“As members of Parliament, ensuring everyone has the opportunity to develop cyber skills matters to keep our constituents and local businesses safe. Without such a foundation, we risk perpetuating the very gaps we are striving to close, and undermining the government’s mission of sustainable digital transformation.
“This White Paper highlights widespread consensus on the need for a shared language and structure for cyber skills, and we urge our colleagues across Parliament to treat this white paper not as another strategy, but as a call to action, to help build a cyber workforce that is as dynamic and diverse as the challenges we face."
Professor Mike Kagioglou, Deputy Vice-Chancellor Planning, Research and Innovation, ÃÛÌÒ´«Ãºmv Leicester, said:
“The recommendations in this White Paper reflect what we see every day in our work with businesses: namely, a growing demand for cyber skills and a fragmented system that is not keeping pace.
"At ÃÛÌÒ´«Ãºmv, we’re already helping bridge the gap through applied research, industry partnerships and education that meets real-world needs.
“We fully support the call from Dr Vasileiou and the APPG for a national strategy to align skills, accreditation, and employer demand.
“ÃÛÌÒ´«Ãºmv stands ready to assist and support a central, recognised, skills development and accreditation framework for cyber security.”
Notes to Editors
Picture shows Dr Ismini Vasileiou (Credit: ÃÛÌÒ´«Ãºmv)
To arrange an interview with Dr Vasileiou, please email Justin Hawkins at ÃÛÌÒ´«Ãºmv (justin.hawkins@dmu.ac.uk)
East Midlands Cyber Security Cluster CIC
EMCSC supports development of cyber security skills as a means of supporting regional economic growth. Founded by Dr Ismini Vasileiou in Leicester in 2023, its projects and programmes create opportunities for networking, knowledge exchange, sharing of best practice and industry training. EMCSC works across public and private sectors, as well as academia, promoting business cyber-resilience and cyber security careers throughout the East Midlands. Its partners include the national UKC3 network and the Cyber Resilience Centre for the East Midlands.
Learn more at
All-Parliamentary Group for Cyber Innovation
The APPG provides a forum for discussion of ideas, solutions and policies to unlock innovation, growth, and diversity in the cyber sector. It is an open forum for new ideas, bringing together parliamentarians, industry professionals, academia, media and civil society. The APPG works to attract non-traditional voices to the cyber debate in order to facilitate mutual learning, change perceptions, and develop new and innovative policy recommendations.
Learn more at:
Additional resources
- Four arrested in connection with M&S and Co-op cyber-attacks ()
- More than 25% of UK businesses hit by cyber-attack in last year, report finds ()
- Cyber Growth Action Plan ()
- Cyber Security Sectoral Analysis ()
- Launch of New Cyber Security Strategy ()
Other Contacts
Dr Ismini Vasileiou
EMCSC
Ismini.vasileiou@emcsc.uk
George Oliver
1284 Communications for EMCSC
george.oliver@1284.co.uk
Elisabeth Sullivan
APPG for Cyber Innovation
secretariat@cb-network.org
Posted on Thursday 31 July 2025