"Thinly spread": Questions raised over UK government’s latest cyber funding scheme

The UK government plans to spend £1.9 million on cyber resilience projects across the country, the Department for Science, Innovation and Technology (DSIT) has revealed.

With planned investment in more than 30 projects, the money will help improve the UK’s cyber resilience for both businesses and consumers, and boost national cyber skills.

Some projects set to receive funding include ‘CyberSecurityAId: Empowering Small Businesses with Cyber Security Skills,’ ‘Cybersecurity Angel Investor Network,’ and ‘First Steps to a Cyber Security Career - North West.’

The funding boost comes amid growing concerns over cybersecurity skills shortages across the country. Almost half of UK firms report a deficit in this regard, according to the DSIT, and these projects will help fill current gaps and meet growing demand.

Under the scheme, people across the country will be able to pursue new, high-level career opportunities as a result, DSIT added.

“By upskilling small businesses and individuals, investing in workforce development, and encouraging neurodiverse talent, government and industry partners are fostering robust and diverse cyber communities for the future,” said Jonathan Ellison, director for national resilience and future technology at the National Cyber Security Centre (NCSC).

“This is vital for protecting our digital economy, creating new opportunities for secure innovation, and helping make the UK the safest place to live and work online,” Ellison added.

The UK’s minister for cybersecurity, Feryal Clark, also commented, saying strong defenses are needed for the country’s growing digital economy, which is worth billions of pounds.

“Attempts to disrupt the technologies and services we rely on daily continue to grow, so we’re leaving no stone un-turned to make sure our communities have the skills to rise to the challenge,” Feryal said.

Cyber investment is a good start, but does it go far enough?

While the move has been welcomed by industry stakeholders, some experts have questioned the scope of the initiative.

Socura CEO Andy Kays said a key concern is the “size of investment relative to the scale of its ambition”, suggesting that the volume of projects set to be awarded funding could dilute the overall investment.

“30 new projects slated for 2025 and beyond across multiple regions means that this money will be thinly spread across the UK,” Kays said.

“The concern is that this money won’t go far enough to have the level of impact needed. It is, however, a good start,” he added.

Kays said it was “only right” that the UK invest more money to develop its regional cyber skills in places like Wales, the North East of England, and Northern Ireland.

Jake Moore, global cybersecurity advisor at ESET, welcomed the investment scheme, adding that the initiative will help strengthen the country’s overall cyber resilience and futureproof communities.

“Upskilling workforces is crucial for safeguarding our digital economy, unlocking opportunities to secure innovation, and ensuring the UK remains protected from constant attacks,” Moore said.

“However, this isn’t the first time we have seen a shake-up in the UK’s skills shortage so it is vital that the initiative will continue to be funded and pushed to the next level where more roles are filled,” he added.