Minister Lloyd speech at a techUK cyber security event - Oct 15

Liz Lloyd, Minister for the Digital Economy, spoke to a techUK cyber security event on 15 October 2025.

"It's a real pleasure to be here with you tonight.

And thank you Nils for my introduction - and for remembering my very long title.

It's a special moment for me personally. It's my first public speech on cyber security since being appointed as Minister for the Digital Economy, and I can't think of a better place to start than with you: the people at the heart of keeping our digital economy safe, resilient and thriving. 

As you know, cyber security is not just a technical issue. It's an enabler of growth and innovation. Firms with good cyber security in place can be confident of a stable environment under which they can invest and develop.  

More widely, cyber security underpins everything we want to achieve in science, technology and innovation. Whether it's AI, quantum, semiconductors or smart infrastructure - none of it works without trust, and trust depends on security. 

UK cyber security sector

So let me begin by reiterating the government's unwavering support for the UK's cyber security sector. 

This sector is a crucial element in our Industrial Strategy. It's a frontier industry - one that not only protects our national interests but drives economic growth, creates high-value jobs, and strengthens our global standing.  

The UK cyber sector now generates over £13 billion in revenue per year and directly supports more than 67,000 jobs across 2,000 companies. In total, 143,000 people are employed in cyber security jobs across the economy. That's a remarkable achievement - and it's thanks to everyone in this room. 

But we know there's more to do. That's why we commissioned the Cyber Growth Action Plan earlier this year - addressing the question of what government and industry need to do in the future to drive further growth.

The plan sets out 9 recommendations across 3 pillars of culture, leadership and place. It calls for government to help stimulate informed demand for cyber security, clearer expectations for cyber risk reporting, and developing regional areas of cyber strength and specialisation. 

It's about helping winners grow, stimulating demand, and building public understanding of cyber security's role in national resilience.  

We'll be responding to the action plan in due course, including working with our forums - such as the Cyber Growth Partnership - to discuss the recommendations and their implementation.  

But in the meantime I wanted to touch on the other work my department has been driving forward across the sector, to help support your businesses to thrive.   

We're continuing to invest in programmes that support innovation. Our Cyber Runway programme - the UK's largest cyber accelerator - is helping startups and scaleups access funding, develop products and expand internationally.  

We recently secured a further £6 million pounds to support cyber startups by building on the Cyber Runway accelerator. 

Then there's CyberASAP - our academic startup accelerator – which has already created 34 spinouts, 76 new jobs and generated over £40 million pounds in investment. These programmes are helping turn pioneering ideas into commercial success. 

As part of the Industrial Strategy we secured an additional £10 million pounds to support commercialisation of cyber research through the CyberASAP programme. 

Driving growth is not just the role of government. You all have a role and I know that many successful cyber founders are now supporting the next generation of startups.  

Last week an industry led group started to build on this, bringing Chief Information Security Officers (CISOs) from across all sectors of the economy into the same room as cyber startups to build collaboration through design partnerships. We will do everything we can to support this drive to find the next UK cyber unicorn. 

And we hear from you that skills is a huge issue.  Tonight, I want to highlight a new flagship initiative: TechFirst. 

Announced by the Prime Minister at London Tech Week back in June, TechFirst is a £187 million programme to build a sustainable domestic pipeline of tech talent.  

It will reach one million young people with foundational skills in AI and cyber, support over 4,000 graduates and researchers, and connect skilled people with real job opportunities across the UK. 

TechFirst builds on the success of our existing CyberFirst programme and will be delivered in partnership with industry. So I want to encourage you - the sector - to get involved.  

Your involvement could include offering work experience, mentoring, training places, or helping to shape local delivery. Whatever it is, your support will be vital. Together, we can inspire the next generation and ensure that talent is never a barrier to growth. 

Resilience and the Cyber Security and Resilience Bill

Of course, we must also be honest about the threats we face. 

Recent incidents - at Jaguar Land Rover, Co-op and M&S - have shown how disruptive and damaging cyber attacks can be. They've affected supply chains, halted operations, and put livelihoods at risk. Costs have run into hundreds of millions of pounds. These events are a stark reminder that resilience is not optional - it's essential. 

That is why the government this week wrote to the UK's leading companiesasking them to make cyber security a board level responsibility and to make full use of government support and guidance.    

For the most critical and essential parts of our economy, we are going further by introducing the Cyber Security and Resilience Bill. 

This legislation will expand the scope of our existing cyber regulations to cover more critical services. This includes bringing managed service providers and critical suppliers into scope. 

The Bill will also strengthen the powers of regulators, and give government the tools to respond quickly to emerging threats. It's a proportionate but decisive step to not only protect the critical services on which we all rely, but also strengthen cyber resilience across the UK economy. 

The Bill will be introduced as soon as Parliamentary time allows. It has been developed working closely with regulators, industry and many of those who are here tonight.  

I want to thank techUK for your close engagement with us as we've developed the Bill. We've really valued your feedback. 

I want to assure you there will many opportunities to feed into our plans for implementation and there will be suitable transition periods for businesses to reflect the changes we are bringing forward. So please do continue to share your feedback - it is incredibly valuable. 

This legislation to improve cyber resilience is focused on the most critical services. The services the public rely on to go about their normal lives – to switch on lights, turn on the tap to safe water, and know the NHS is there to support them.   

However, the vast majority of UK businesses and organisations will not be covered by the Cyber Bill because we do not think it would be proportionate. The IT and services they rely on will become more resilient as a result of the Bill – and the support and free advice we have made available ensures firms are on a stronger footing to safeguard themselves and deal with disruption.  

We are continuing to work with industry to help drive action and increase adoption of cyber security measures.  

I want to work with you all to understand how we can best help businesses take up the guidance and tools the government has created.  

For example, we know the Cyber Essentials scheme is highly effective. Organisations with a Cyber Essentials certificate are 92% less likely to make claim on their cyber insurance than those without. We're working hard to drive adoption of Cyber Essentials, but how can we do it better? 

Similarly, we published a Cyber Governance Code of Practice earlier this year. This helps Boards and Directors effectively manage cyber risks in their businesses - and it comes with free training from the National Cyber Security Centre. All larger organisations should be using this.  

How will we make sure that happens - redouble our efforts? 

New National Cyber Strategy

Many of the answers will be set out in a National Cyber Strategy, which we're in the process of refreshing. 

The new strategy will reflect the evolving threat landscape and the opportunities of emerging technologies. It will focus on resilience and growth, and DSIT will play a leading role in shaping its direction. We're working across Whitehall and with industry to ensure it delivers real outcomes and reflects the strengths of our cyber ecosystem.  

Thank you again to everyone who has been involved.   

Conclusion

So, to sum up: 

We're backing the cyber sector - because it's vital to our economy and our national security. 

We're investing in growth, innovation and talent - because a strong cyber ecosystem underpins everything we do.  

And we're strengthening our cyber defences - because it's what we need to do to keep the public and the economy safe, and harness the opportunity of technology and digital advances on AI.  

Finally, we're asking you to continue working with us – because cyber security is a team sport. You can help us shape the future, support young people, and build a cyber sector that is secure, inclusive and built to last. 

Thank you for everything you do. Have a great evening - and I look forward to working with you."