11 Mar 2025

UK’s cyber sector’s contribution to economy reaches new heights

Government publishes new Cyber Security Sectoral Analysis 2025 report.

Yesterday, the Department for Science, Innovation and Technology (DSIT) released its latest report containing information about the UK cyber security sector, including the number of businesses, the sector’s contribution to the UK economy, the number of people employed and the products and services offered by these firms.

The report was published alongside the Secretary of State, Peter Kyle MP’s, speech delivered at techUK’s annual Tech Policy Conference - where he outlined the potential of technology as a force for good in working people’s lives and declared that there is ‘no route to long-term growth and no solution to our productivity problem, without innovation’. techUK believes that innovation in cyber security is crucial, not just when it comes to protecting our critical national infrastructure and public service, but in enabling the opportunities presented by emerging technologies. Therefore, as cyber security’s role becomes more and more central, the growth of the UK’s vibrant cyber sector continues to be of importance.

The analysis, undertaken by Ipsos and Perspective Economics, builds upon the previous Cyber Security Sectoral Analysis published in May 2024 that provides a recent estimate of the size and scale of the UK’s cyber security industry. A methodological approach (consistent with previous reports) is taken to analyse the sector's performance, which includes desk research; initial data collection and gap analysis; a cyber security sectoral survey; qualitative consultations with investors in the cyber security sector; data blending; and data analysis and reporting. Data sources underpinning the sectoral analysis included the Cyber Exchange.

Key findings from the report

The news is positive, with the UK cyber sector continuing to be a high performer. The top take aways are:

The UK cyber security sector generated revenue of £13.2 billion, up 12% since last year.
There are 74 new cyber security firms, bringing the total to 2,165, up 3.5% from 2,091 last year.
The sector employs 67,300 people (full time equivalents), up 11% since last year, an increase of around 6,600 jobs.
The total gross value added (GVA) for the sector has reached c. £7.8 billion, an increase of 21% since last year.
GVA per employee has increased from £106,300 to £116,200, an increase of 8%.
In terms of investment, £206 million was raised across 59 deals within dedicated cyber security firms in 2024.

A useful snapshot of the cyber security sector

In addition to the key findings noted above, the report includes information about the size of the UK’s cyber security firms (with 56% micro, 18% small, 16% medium and 10% large) with the data highlighting an increase in the number of medium-sized firms, likely driven through a combination of organic growth and increased merger and acquisition activity. The report also explores the percentage of ‘dedicated’ providers of cyber security services (68%), compared to the percentage of firms that provide cyber security as one product or service among others – ‘diversified’ (38%); and takes a high-level look at the products and services being offered by the sector – setting out taxonomy categories, of which Information Risk Assessment & Management and Cyber Professional Services had the greatest number of registered cyber firms offering (80% respectively).

The report notes that just under half (45%) of cyber security firms are based outside of London and the South East regions, breaking down the percentage of offices across 12 regions, with no significant proportional changes at the regional level suggested:

London – 38%
South East - 17%
North West – 8%
South West – 8%
East of England – 7%
Scotland – 6%
West Midlands – 5%
Yorkshire & The Humber – 4%
East Midlands – 3%
Wales – 2%
North East – 2%
Northern Ireland – 2%

In terms of total cyber security revenue by size of firm, the earning power of large firms is clear with the report estimating that £9.3 billion, or 70%, of all UK cyber security revenue is earned by them. Meanwhile, medium firm revenues had increased their revenue share in relative and absolute terms from 16% to 21% (£1.9 billion to £2.8bn); small firms have continued to see a slight reduction in revenues over the same period (£862m to £790m) which is likely down to market consolidation with mergers; and micro firms have increased revenue levels (from £262m to £394m).

The report also looks at investment in the UK cyber security sector, focusing on investment activity within the full year of 2024 (1st January – 31st December), and typically explores investment raised by dedicated cyber security firms. The investment timeline demonstrates that 2024 has remained challenging for cyber security investment compared to previous years. However, it is noted that the UK cyber security investment landscape is broadly similar to 2018/19 levels, which may reflect a ‘return to normal’, rather than a significant loss of investor confidence or engagement; furthermore, there is investment activity in the UK market beyond Venture Capital – for example, mergers, acquisitions, loan and equity funding.

And there is an optimistic picture from a regional perspective with 49% of the investment raised across the ten regions outside of London and South East. This is a higher proportion than seen in 2023 (35%), 2022 (25%), and much higher than the 9% in 2021.

Also of note, the data gathered highlights a range of international acquisitions of UK cyber security firms, particularly by US investors, demonstrates the quality and attractiveness of the UK cyber sector and the report states that this raises important considerations for long-term market development, such as the need to support early-stage firms at the start of the growth pipeline and the delivery of infrastructure to help UK firms scale domestically and secure capital. Furthermore, it recognises the importance of this given the strategic nature of cyber security capability and the need to maintain sovereign capacity in key technology areas – and the consequent need for policy to help strengthen domestic growth pathways while maintaining the benefits of attracting international investment, collaboration, and market access.

Matt Evans, techUK’s COO and Director of Markets commented:

“This year’s Cyber Security Sectoral Analysis report provides a welcome boost in confidence for the future growth of the UK’s cyber security industry – indeed, it’s fantastic to see the evidence of this thriving sector as it achieves significant growth in revenue, productivity and employment.

While the figures paint a largely positive picture, it’s important to remember that this must be measured against the backdrop of an increasing and ever-evolving threat landscape, geopolitical tensions and the need for continued and appropriate cyber workforce development. It is, therefore, crucial to maintain and further nurture the growth of the cyber security sector in order to meet those challenges and to enable the growth and resilience of the rest of the digital economy, as well as critical businesses and services. techUK looks forward to supporting this effort, including through the important work of the Cyber Growth Partnership.”

You can read the full Cyber Security Sectoral Analysis Report 2025 here.

Alongside the Cyber Security Sectoral Analysis 2025, DSIT also published an AI and software cyber security market analysis, to support government’s ongoing efforts to secure digital technologies, specifically software and AI, through identifying companies which offer crucial and relevant services.

For more cyber security and resilience news, sign up below:

Cyber Resilience updates

Sign-up to get the latest updates and opportunities from our Cyber Resilience programme.

Jill Broom

Head of Cyber Resilience, techUK

Annie Collings

Programme Manager, Cyber Resilience, techUK

Tracy Modha

Team Assistant - Markets, techUK

Return to listing