Policy paper

Cyber Security Growth Action Plan: terms of reference

Published 18 June 2025

1. Role and remit  

1.1 The Cyber Security Growth Action Plan will conduct a rapid sectoral analysis to set out key insights for government to support the growth of the UK cyber security sector. 

1.2 The plan will deliver key insights on the interventions needed to develop current strengths in the cyber security sector, and maximise the potential of future opportunities. This will inform the recently announced refresh of the National Cyber Strategy to realise the benefits of cyber’s strong position in the Industrial Strategy, ensuring the UK’s economic security and resilience. 

2. Background  

2.1 The UK cyber sector is a success story demonstrating strong year-on-year growth, with the most recent data identifying sector revenue of £13.2 billion, supporting 67,300 jobs across more than 2,165 businesses in 2024.^{[footnote 1]} The cyber sector has been recognised as a key frontier industry within the Industrial Strategy, with a refreshed National Cyber Strategy being developed this year. 

2.2 The Growth Action Plan will supplement the development of the National Cyber Strategy by identifying opportunities for further growth by providing greater insight and ideas for how academic, government and industrial research, cyber users and suppliers, and the various cyber communities, can collectively better drive innovation and growth.   

3. Process  

3.1 The Cyber Security Growth Action Plan will conduct a rapid sectoral analysis that considers existing evidence from academic and business research, as well as consultation with experts across industry, academia, government, regulators and civil society.  

3.2 The Growth Action Plan will have 4 workstreams: 

• Sectoral Analysis: Building on the government’s annual Cyber Sector Analysis to gain deeper insights into the demand for cyber products and services, and identify the UK Cyber Sector’s core strengths. 

• Strategy Alignment: Determining ways the cyber sector can capitalise on its central role in the government’s Industrial Strategy while identifying opportunities presented by forthcoming legislation, including the Cyber Security and Resilience Bill, and policy impacts on innovation. 

• Future Technologies and Societal Trends: Identifying the future trends and the impact they might have on growth opportunities. This will include how emerging and disruptive technologies are likely to change the cyber security landscape both at a sector level, in terms of number/types of jobs, and at a technical level addressing new, arising threats.  

• Building on Strengths: Identifying ways to better coordinate communities and capabilities across government, industry and academia to create future oriented growth.  

4. Leadership  

4.1 This work is being led by Simon Shiu, until recently VP and Director of Cyber Security Research at HP Labs, and now visiting Professor of Cyber Security at the University of Bristol.

The leadership team includes:

• Chris Hankin, Professor of Computing Science at Imperial College London
• Ola Michalec, lecturer at Bristol’s Digital Futures Institute
• Martin Sadler, a sector specialist at the University of Bristol

The work is supported by the Centre for Sectoral Economic Performance at Imperial College London. 

5. Support from the Civil Service  

5.1 The Growth Action Plan team will be supported by officials in DSIT. Officials will work with the Growth Action Plan team to identify and address any potential conflicts of interest that may arise.  

6. Outputs  

6.1 The UK Cyber Security Growth Action Plan will publish a series of key insights for the Secretary of State to drive the growth of the UK cyber sector and encourage wider adoption across the UK economy. It is expected that the government will respond to these recommendations through the refreshed National Cyber Strategy.

1. Cyber security sectoral analysis 2025 - GOV.UK ↩