Policy paper

DSIT cyber security newsletter - September 2024

Published 10 October 2024

1. Director’s message

Welcome to this month’s Cyber Security newsletter. There’s a lot happening in the cyber security sector, particularly with the disruptive recent attacks on Transport for London and Tewkesbury Council. So, I’m pleased to open with some good news: today’s announcement by Minister Feryal Clark of a new DSIT-funded Cyber Local regional grants programme. This is a £1.3 million funding initiative to address cyber skills gaps and build stronger cyber skills bases in regions across the UK, particularly outside of London where we would like to see more growth.

Grants of up to £150,000 will be provided to help deliver initiatives proposed by local organisations across England and Northern Ireland; this could include research or work that removes barriers preventing growth, training and upskilling, or pilot initiatives for novel cyber solutions to local issues. This programme is a crucial part of ensuring all regions of the UK have the talent needed to tackle cyber threats and grow their local cyber ecosystems.

Minister Clark made the announcement at an international skills event at Wilton Park where the UK is convening a global discussion on cyber professional standards. She also published new statistics detailing the UK’s cyber security labour market which contain the good news that the cyber skills gap is narrowing in some areas.

Our Cyber Security and Resilience Bill will bring forward new laws next year to further strengthen online defences and ensure more digital services are protected than ever before. There’s more detail on this below.

Finally, we’ve had brilliant results for cyber students completing the DSIT-funded Cyber Extended Project Qualification (EPQ), to whom I offer my congratulations. I wish them all the best in their future careers. 

Rod Latham 

Director, Cyber Security and Digital Identity

2. Cyber Local funding now open for applications

DSIT has launched a funding opportunity for cyber security initiatives in regions across the UK. This funding is available to support local projects which seek to either increase the quality, quantity and/or diversity of practitioners entering the cyber workforce, or to support the growth, innovation, and/or strength of cyber ecosystems across the country.  

How to apply:  

If you would like to apply for funding, you will first need to submit an expression of interest to your DSIT Regional Lead before 27 September. Once this has been approved you will be able to submit a full application for funding to our partners Innovate UK, which must be completed by 9 October. For more information on this funding opportunity, how to apply, and all the relevant dates, contact details and supporting information please visit the competition page.  

Innovate UK will also be holding a briefing event on the 19 September which will expand on the application process and criteria for the programme, register for this event here.

3. The Cyber Security and Resilience Bill 

  As announced in the King’s Speech (see page 94), the Government will bring forward the Cyber Security and Resilience Bill in 2025, in the first session of the new Parliament.   The Bill will bolster our defences at a critical time when the UK’s digital economy is increasingly being targeted by cyber criminals and state actors. Recent high-profile incidents demonstrate the damage and disruption cyber attacks can create.

To address the evolving cyber threat and growing number of targeted attacks, the Bill will strengthen UK’s cyber resilience and ensure the critical infrastructure and essential services we rely on, including hospitals and the health sector, are more secure. This will be delivered by strengthening the UK’s only cross-sector cyber legislation – the Network and Information Systems (NIS) Regulations 2018. Measures will include expanding the remit of the regulation to protect more digital services and supply chains. 

We have received a number of enquiries from individuals and organisations wanting to discuss the Bill and we will engage with stakeholders on this in due course.

4. Brilliant results for Cyber EPQ students

Students who completed the DSIT funded CyberEPQ qualification achieved great results with 68% achieving A*-B.

The CyberEPQ is the UK’s first and only accredited Level 3 Extended Project Qualification (EPQ) in Cyber Security. The qualification offers training in topics across the cyber security spectrum, from the history of computing and cryptography to digital forensics and the human factors in cyber security.    

DSIT provided funding to enable students aged 16-18 to complete the qualification, expanding access to the CyberEPQ and helping participants to build their cyber skills and knowledge. Students completed up to 13 modules and produced 500 word written projects on a chosen cyber security topic. These excellent results show the hard work and effort by students has paid off. 

If you want to learn more, please visit the cyber EPQ website and reach out to the CyberEPQ team at the Chartered Institute for Information Security.

5. New statistics published for Cyber Essentials & Cyber Explorers 

DSIT is now publishing quarterly management information on some of its key cyber security programmes, including the Cyber Explorers skills programme for young people and Cyber Essentials.

The latest figures for Cyber Essentials show 11,307 Cyber Essentials were awarded in the past quarter, bringing the total to 43,480 certificates awarded in the past year.  

On Cyber Explorers, 92,359 students are now taking part in the cyber skills programme, supported by 3,732 teachers across 2,893 schools.  

For more information, visit the cyber security management information page.