This is a best prospect industry sector for this country. Includes a market overview and trade data.
Last Published: 8/1/2019

The UK cyber security market is valued at over $5 billion and is widely regarded as the largest cyber security market in Europe.  Despite generally flat IT budgets, the increasing threat of cyber-attacks has led to greater spending on security in both the public and private sectors. 

The UK is facing increasing cyber security threats and this has led to an upsurge in spending on cyber security – both public and private sector. The Government is implementing its digital transformation agenda to move more and more services online.  Citizen data needs to be protected.

The impact of cybercrime is difficult to quantify, but is estimated to cost the UK roughly up to $30bn per year. The National Cyber Security Centre (NCSC) reports around 60 ‘high-level’ cyber-attacks on the UK a month, many of which threaten national security.

Leading Sub-Sectors

Large Enterprises

The bulk of the cyber security market is orientated around large commercial enterprises securing their day-to-day business.  Financial services, utilities and transportation companies are large spenders.

Public Sector
Central and local government are investing heavily in securing health and education data, as well as new services that are being placed online – for instance universal credit.

Defense and Security (D&S)
The D&S market is relatively niche and is focused on securing the nation's secrets; involving the security and intelligence agencies, as well as the Ministry of Defence (MoD).

Small and Medium sized Businesses
Many small businesses are unprotected and are seen as an easy target for cyber criminals.  The government is encouraging SMEs to adopt basic cyber hygiene standards.  Some public procurement contracts stipulate minimum cyber requirements for supply chains.

Opportunities exist to supply organizations of all sizes from SME to large corporations. However, the most substantial opportunities are to be found in organizations for which IT security is mission critical, e.g. major financial institutions, utilities and especially government departments (including Home Office, Ministry of Defence, Immigration and Border Protection, Revenue and Customs etc.).

The UK IT security market is open and many U.S. companies operate successfully in the UK.  However, there are specific UK regulations of which U.S. companies should be aware, including: Data Protection Act, Privacy and electronic communication, Freedom of Information Act, and Environmental information. Further information on these regulations can be obtained from the UK Information Commissioner’s Office. Further information regarding issues relating to the hosting of personally identifiable information overseas can be obtained from privacy shield.

Most public sector procurement contracts in the UK above a minimum value threshold are subject to formal EU procurement procedures. For small businesses hoping to compete for government contracts, this can create a significant challenge given the level of resources often required to respond to very detailed public sector tender notices.

Web Resources
UK Cyber Security Strategy
Infosecurity Magazine/ Cyber news

Trade Event
Infosecurity Europe
June 2-4, 2020

For further information, please contact:
Claudia Colombo
Commercial Specialist
U.S. Commercial Service
Tel: +44 (0)20 7891 3443



Prepared by our U.S. Embassies abroad. With its network of 108 offices across the United States and in more than 75 countries, the U.S. Commercial Service of the U.S. Department of Commerce utilizes its global presence and international marketing expertise to help U.S. companies sell their products and services worldwide. Locate the U.S. Commercial Service trade specialist in the U.S. nearest you by visiting

United Kingdom Information and Communication Technology Trade Development and Promotion