ICAEW.com works better with JavaScript enabled.

Cyber security sector grows hugely but don’t take risks

10 February 2020: it is heartening that the number of active cyber security firms in the UK has increased 44% to 1,200 since 2017. We are clearly on the way to tackling significant breaches. But that is no reason to sit back on our laurels, warns Kirstin Gillon, Technical Manager in ICAEW’s Tech Faculty.

The UK’s booming cyber security sector is worth £8.3bn, according to a new report from the Department for Digital, Culture, Media and Sport, with total revenues in the sector up 46% from £5.7bn in 2017. The growth is the equivalent of a new cyber security business being set up in the UK every week.

The "UK Cyber Security Sectoral Analysis 2020" named Darktrace one of the most successful UK cyber security companies, which is one of the country’s 77 tech unicorns – a company valued at over $1bn.

Ahead of his speech at international cyber security conference SINET, Digital Minister Matt Warman said: “It’s great to see our cyber security sector going from strength to strength. It plays a vital role in protecting the country’s thriving digital economy and keeping people safe online.

“We are committed to seeing it grow and are investing £1.9bn over five years through our National Cyber Security Strategy to make sure we lead the way in cyber innovation, develop and attract the best talent."

Darktrace CEO, Poppy Gustafsson, said: “The immense growth of the cyber security industry in recent years reflects the magnitude of the cyber challenge confronting organisations of every kind in modern society.”

The risks are real and it is reassuring to know that the cyber security sector is growing, but there is much companies should be doing in the meantime. To understand your risks better, you might want to discuss questions like these with your cyber security professionals and Boards:

  1. Detection: how long would it take for you to discover hackers in your systems?
  2. Back-ups: how effective are your back-up practices?
  3. Business continuity plans: how would your staff cope with reverting to pen and paper?
  4. Patching: how long does it take for your organisation to apply patches?
  5. Customer communication: what are your plans for communicating to customers in the event of a major breach of customer data?
  6. Supplier management: where you are reliant on the systems of others, how much do you know about their cyber security practices?