This is a best prospect industry sector for this country. Includes a market overview and trade data.
Last Published: 9/8/2018
Overview

The UK cyber security market is valued at over $5 billion and is widely regarded as the largest cyber security market in Europe.  Despite generally flat IT budgets, the increasing threat of cyber-attacks has led to greater spending on security in both the public and private sectors.  According to the National Crime Agency cybercrime costs the UK economy many billions of pounds each year and can pose an existential threat to businesses.  UK crime statistics now include online crime figures that show there were some 5.6 million offences committed in 2016.  In 2017, 70% of large companies and 74% of SMEs reported that they had suffered a cyber breach.

The impact of cybercrime is difficult to quantify, but is estimated to cost the UK roughly up to $30bn per year. The National Cyber Security Centre (NCSC) reports around 60 ‘high-level’ cyber-attacks on the UK a month, many of which threaten national security.

The UK is facing increasing cyber security threats and this has led to an upsurge in spending on cyber security – both public and private sector. The Government is implementing its digital transformation agenda to move more and more services online.  Citizen data needs to be protected.

The General Data Protection Regulation (GDPR) will drive future spending on cyber security as companies seek to comply with the regulation.  Companies that suffer data breaches in the future will be liable for heavy penalties that could amount to as much as 4% of a company’s global revenues. 

In 2016 the UK Government issued its five-year National Cyber Security Strategy.  This commits the Government to invest $2.4 billion in order to defend critical national infrastructure and deter cyber-criminal activity.  The strategy will also invest in growing the UK’s cyber capability and developing the UK cyber security sector.

The National Cyber Security Centre (NCSC) will provide a hub of world-class expertise for businesses and individuals, as well as rapid response to major incidents.  The NCSC includes the cyber section of the Centre for the Protection of National Infrastructure (CPNI).

Leading Sub-Sectors

Large Enterprises
The bulk of the cyber security market is orientated around large commercial enterprises securing their day-to-day business.  Financial services, utilities and transportation companies are large spenders.

Public Sector
Central and local government are investing heavily in securing health and education data, as well as new services that are being placed online – for instance universal credit.

Defense and Security (D&S)
The D&S market is relatively niche and is focused on securing the nation's secrets; involving the security and intelligence agencies, as well as the Ministry of Defence (MoD).

Small and Medium sized Businesses
Many small businesses are unprotected and are seen as an easy target for cyber criminals.  The government is encouraging SMEs to adopt basic cyber hygiene standards.  Some public procurement contracts stipulate minimum cyber requirements for supply chains.
 
Opportunities

Opportunities exist to supply organizations of all sizes from SME to large corporations. However, the most substantial opportunities are to be found in organizations for which IT security is mission critical, e.g. major financial institutions, utilities and especially government departments (including Home Office, Ministry of Defence, Immigration and Border Protection, Revenue and Customs etc.).

The UK IT security market is open and many U.S. companies operate successfully in the UK.  However, there are specific UK regulations of which U.S. companies should be aware, including: Data Protection Act, Privacy and electronic communication, Freedom of Information Act, and Environmental information. Further information on these regulations can be obtained from the UK Information Commissioner’s Office. Further information regarding issues relating to the hosting of personally identifiable information overseas can be obtained from privacy shield.

The EU General Data Protection Regulation (GDPR) will have a profound effect on the way that data holders and data processors will be regulated.

Detailed information on GDPR is also available on the U.S. Commercial Service Europe website
Most public sector procurement contracts in the UK above a minimum value threshold are subject to formal EU procurement procedures. For small businesses hoping to compete for government contracts, this can create a significant challenge given the level of resources often required to respond to very detailed public sector tender notices.

Web Resources

UK Cyber Security Strategy
Infosecurity Magazine/ Cyber news
techUK

Trade Event
Infosecuirty Europe
June 4-6, 2019
London

For further information, please contact:
Claudia Colombo
Commercial Specialist
U.S. Commercial Service
Tel: +44 (0)20 7891 3443
Email:  Claudia.Colombo@trade.gov  

 

 

Prepared by our U.S. Embassies abroad. With its network of 108 offices across the United States and in more than 75 countries, the U.S. Commercial Service of the U.S. Department of Commerce utilizes its global presence and international marketing expertise to help U.S. companies sell their products and services worldwide. Locate the U.S. Commercial Service trade specialist in the U.S. nearest you by visiting http://export.gov/usoffices.



United Kingdom Information and Communication Technology Trade Development and Promotion