DSIT Publishes Latest Insights on UK Cyber Security Skills in the UK Labour Market Report

Explore how the UK’s cyber security skills are evolving in DSIT’s newly released 2025 research.

DSIT is pleased to share the latest findings from the Cyber Security Skills in the UK Labour Market 2025 report, commissioned by DSIT and delivered by Ipsos and Perspective Economics. Now in its seventh year, this research offers a detailed picture of the UK’s cyber security workforce, its evolving skills landscape, and the challenges ahead.

This report builds on our growing evidence base for the cyber security sector, offering detailed insights into sectoral business statistics, skills, supply and demand, and emerging trends such as AI integration - explore the visual summary here which highlights key evidence in this area.

KEY FINDINGS:

DSIT’s research estimates that the UK cyber security workforce reached 143,000 professionals in 2024, reflecting a moderate 5% acceleration in growth from 2023, largely driven by a 20% increase in graduate numbers. However, the annual workforce gap, the shortfall between supply and demand, has narrowed substantially in recent years, stabilising at 3,800 in this report from 3,500 last year, compared to 11,100 in 2022. This shift suggests that the policy challenge is no longer just about increasing supply, but about better aligning new talent with evolving demand.

Visual summary of UK’s annual cyber security workforce gap (UK, 2024)

Diversity continues to be a major challenge. Only 17% of the cyber security workforce is female, compared to 48% of the UK workforce overall. Those with a disability represent just 8% of the cyber security workforce, and while 19% of cyber security professionals are from ethnic minority backgrounds, only 8% of these professionals hold senior roles. Encouragingly, neurodivergent representation has increased to 16% in 2024, and female participation in postgraduate cyber courses has risen steadily to 27% in most recent available Higher Education Statistics Authority (HESA) data for the 2022/23 academic year.

Percentage of the UK cyber sector workforce estimated to belong to each of the following diversity groups (UK, 2024)

Reflecting on the diversity data, Parliamentary Under Secretary of State, Minister Kanishka Narayan MP, states: “These figures are a sobering reminder that we have much work to do to create an inclusive and representative workforce which draws upon the widest range of talented people… To address these issues, we are launching the TechFirst skills programme, which will be a cornerstone of our strategy to improve diversity and numbers in the cyber security sector.”

The report also highlights persistent skills gaps across the economy. Nearly half of UK businesses (49%) struggle with basic cyber tasks such as setting up firewalls and detecting malware, and 30% report gaps in advanced skills like penetration testing and forensic analysis. These gaps are particularly acute in charities and small businesses.

Artificial Intelligence appears to have a growing influence on the sector. Over half of cyber security businesses (53%) report staff using AI tools in their daily work, and around two-thirds (65%) expect their need for AI-related skills to increase in the coming year. Yet only 42% of businesses say their staff have received formal AI training. Employers anticipate a shift in demand away from operational roles and towards those requiring critical thinking and the ability to interpret AI-driven insights, a trend that may further complicate entry-level recruitment.

These headline findings represent just a selection of the insights available. The full report offers a deeper dive into sectoral trends, regional variations, educational pathways, and employer perspectives.