UK government opts against regulation for cyber security standards

security breach alerts on a mobile
(Image credit: Shutterstock)

The UK Government has decided not to introduce regulations for cyber security standards after concluding its ‘Embedding Standards and Pathways Across the Cyber Profession by 2025’ consultation.

Conducted by the Department for Digital, Culture, Media and Sport (DCMS), the consultation ran in partnership with the UK Cyber Security Council, lasting for eight weeks from 19th January 2022.

The investigation engaged with key stakeholders across industry, academia, and the wider UK business and public sector to ascertain how it could support the uptake of the council’s standards.

That included exploring whether there was a requirement for regulation to be introduced to support the Council as it introduces new chartered standards for the industry. It also aimed to determine whether a register for chartered practitioners should be created, be it voluntary or mandatory.

It concluded that no regulation will be introduced at this point, stating that respondents generally opposed the idea of intervention. However, the Government said it will “continue to do all it can to provide support to the Council” and will “engage closely with regulators and industry to secure similar support.”

“I welcome the government’s response to the consultation, and I would like once again to thank all of those who contributed their views,” commented Simon Hepburn, CEO of the UK Cyber Security Council.

“The response allows the Council to take the lead in working with key stakeholders to achieve the aim, set out in the National Cyber Strategy, of creating a world-class, diverse cyber security profession.”

Hepburn noted that the consultation was key in identifying the key challenges faced by stakeholders, enabling the Council to create solutions to help address those issues.

Between now and 2025, the Cyber Security Council will introduce chartered standards that have been designed to align with 16 cyber security specialisms. The Government will then track its adoption and continue to assess whether regulatory intervention is required to support uptake.

As part of these plans, the Council will create a voluntary register that lists individuals accredited as either associate, principal, and chartered level.

“Observations were rightly raised about the complex nature of career routes into cyber security; the myriad of cyber qualifications, certifications and degree standards which exist without any uniform equivalency; and the challenges this creates for employers when it comes to assessing candidate suitability,” Hepburn continued.


The state of brand protection 2021

A new front opens up in the war for brand safety


“By introducing universal chartered professional standards aligned to 16 recognised cyber security specialisms and working with awarding bodies to align these to existing qualifications, we are confident we can create the clear framework needed to ensure the UK cultivates a world-leading cyber sector.”

By creating this voluntary register, he added that the Council will “help build further recognition, confidence and clarity across the industry” for both employers and employees.

“With the government’s response to the consultation confirming a staged approach is preferred, through which the sector has the opportunity to collaborate in the development of a diverse, accessible and ethical profession, it’s now time for us all to work together to create an environment in which cyber expertise across the UK can really flourish,” he said.

Daniel Todd

Dan is a freelance writer and regular contributor to ChannelPro, covering the latest news stories across the IT, technology, and channel landscapes. Topics regularly cover cloud technologies, cyber security, software and operating system guides, and the latest mergers and acquisitions.

A journalism graduate from Leeds Beckett University, he combines a passion for the written word with a keen interest in the latest technology and its influence in an increasingly connected world.

He started writing for ChannelPro back in 2016, focusing on a mixture of news and technology guides, before becoming a regular contributor to ITPro. Elsewhere, he has previously written news and features across a range of other topics, including sport, music, and general news.