The UK’s cyber security sector appears to be benefiting from the Information Commissioner’s Office strategy of hunting down firms whose online security is not up to scratch, with the market now worth an estimated £8.3bn, and the number of firms operating in the industry up an impressive 44% since 2017.
According to the UK Cyber Security Sectoral Analysis 2020, published by the Department for Digital, Culture, Media & Sport, the UK industry has rocketed from 846 companies three years ago to 1,200 now, with the majority based in London.
Confidence in the sector, regardless of the region, is up, with investment exceeding £1.1bn since 2016. Last year was also a record-breaker, with cyber security companies receiving £348m in funding.
This growth has also triggered a huge rise in employment, with the number of full-time roles up 37% over the past two years to 43,000.
The Government attributes the burgeoning market to increased take up in both the private and public sector, although it also gives itself a pat on the back too, insisting its own programmes – such as Cyber ASAP, Tech Nation Cyber and the London Office for Rapid Cyber Security (Lorca) – have been a resounding success.
The DCMS report shows London has the most cyber security firms, 431, which is almost double the next best region, the South East, which has 275 companies. Third on the list was the South West, which has 89 cyber security start-ups.
Cambridge-based unicorn Darktrace was singled out by the report as a shining star in UK cyber security and its CEO Poppy Gustafsson said organisations had no choice but to lean on AI to fight back in the face of fast and sophisticated threats.
She added: “As we start to see the early signs of attackers using AI, defensive AI will be critical, and not just a nice-to-have. The best algorithms will win many battles, but the cyber war will rage on.”
Late last year, an analysis carried out by SMS Works revealed that companies suffering data breaches are far more likely to be clobbered by the ICO – and harder – than even the most heinous rogue marketers.
Drawing on figures from the past five years, the study showed that there had been a 450% rise in penalties from £1.15m in 2014 to £6.3m in 2018 – and that of the four main offences, data breaches, email, SMS, and nuisance calls, data breaches account for the largest proportion of fines.
Since 2010, 110 fines have been handed out for data breaches; 50.9 % of the total. This represents a major change from two years ago, when a large proportion of fines were for so-called nuisance calls.
The first major GDPR rulings to come out of the ICO – the proposed fines against British Airways and Marriott International totalling £282m – are also for data breaches. However, both are being appealed.
BA and Marriott to escape GDPR mega fines…for now
Now Marriott takes a £99m battering for GDPR failings
BA faces record £183m GDPR fine for data meltdown
Data breaches, not rogues, are ICO Public Enemy No. 1
ICO ‘failings’ exposed as most probes come to nothing
‘GDPR experts’ in the dock over dubious legal advice
Have companies done enough to comply with GDPR?