The number of UK cyber security businesses surged by 21% between 2019 and 2020 to a total of 1,483, with the industry as a whole bucking wider economic trends to create an additional 3,800 full-time jobs.
This recruitment drive represented a 9% expansion of the security workforce from 42,855 to 46,683 between 2019 and 2020, government figures show, while the number of companies grew from 1,221 to 1,483.
Most notably, the sector grew its revenues by 7% last year versus 2019, from £8.3 billion to £8.9 billion, according to the Department for Digital, Culture, Media and Sport's (DCMS') latest sectoral analysis.
This growth may not come as a huge surprise considering the parallel expansion of cyber threats that businesses have been forced to confront. Ransomware attacks against UK organisations surged during 2020, for example, while phishing attacks also exploded in volume as hackers sought to take advantage of more employees working from home.
“The need for cutting-edge cyber security has never been greater and this resilient sector is growing, diversifying and solidifying its status as a jewel in the UK’s tech crown,” said digital minister, Matt Warman.
“With more than 3,800 new jobs created, firms - large and small - are doing vital work keeping people and businesses secure online so we can build back safer from the pandemic.”
Although these figures represent positive signs for the industry, they also represent a slowdown against growth between 2018 and 2019.
Revenue during this period grew by £2.6 billion versus £0.6 billion between 2019 and 2020. There was a similar slowdown in recruitment and industrial expansion, with 11,516 new full-time recruits and 375 new business during the 2018-19 period. That's compared to 3,800 hires and 262 new companies between 2019 and 2020.
Nevertheless, this slowdown is against the backdrop of on-off lockdowns and Brexit-driven anxiety contracting the size of the British economy by roughly 10% during 2020.
The report also highlighted the continued top-heavy composition of the UK cyber security sector, with roughly two-thirds of its workforce recruited by large organisations. Similarly, roughly 74% of revenues were accrued by the biggest firms. Conversely, the number of micro-organisations comprised 57% of all security businesses in 2020, with these firms generating £217 million in total revenue.
These figures were roughly in keeping with findings published in the previous annual report - although the economic contribution of the smallest businesses almost doubled from 1.3% to 2.5%, in terms of revenue.
Although overall investment remained overwhelmingly concentrated in London and the South East, with 85% combined funding in 2020, a slight majority of firms are now based outside of these regions. While exactly half of all UK security businesses were based outside of London and the South East in 2019, this rose to 54% last year.
CEO of techUK, Julian David, said this finding was an encouraging change that will likely improve cyber resilience across all nations and regions of the UK, as well as sharing the economic prosperity of the sector. He added regional development is one area in which his organisation will continue to partner with DCMS through initiatives such as Cyber Exchange.
The findings follow the announcement of the UK Cyber Security Council, which will standardise the multitude of cyber security training and certification programmes across the UK, under the scope of the DCMS. The organisation's aims include fostering skills and driving further recruitment across the industry, while ensuring these processes are as diverse as possible.
