Liz Lloyd, the UK’s Minister for the Digital Economy, set out the government’s latest plans to strengthen national cyber resilience and drive innovation at a techUK cyber security event on 15 October 2025.
Speaking at One Great George Street, Lloyd unveiled new investments, legislative measures, and talent initiatives aimed at bolstering the UK’s £13 billion cyber sector and safeguarding critical infrastructure against escalating digital threats.
In her first public address on cyber security since taking office, Lloyd described the sector as both a “guardian” of the digital economy and an “engine” of innovation. “Cyber security is not just a technical issue,” she said. “It’s an enabler of growth and innovation.”
The UK’s cyber industry now comprises more than 2,000 companies employing over 67,000 people directly, according to government figures. Including roles embedded across the wider economy, that number rises to around 143,000. The government views the sector as a central pillar of its Industrial Strategy, combining economic and national security objectives.
Lloyd highlighted several ongoing initiatives designed to sustain the momentum of UK cyber growth. Chief among them is the Cyber Growth Action Plan, a government-commissioned blueprint released earlier this year that recommends fostering a stronger cyber culture, enhancing leadership, and nurturing regional clusters of expertise.
The minister also announced further investments in innovation, including £6 million for startups through the Cyber Runway accelerator and £10 million to expand the Cyber Academic Startup Accelerator Programme (CyberASAP), which has already produced 34 spinouts and attracted over £40 million in private investment.
To address persistent talent shortages, Lloyd underscored the government’s flagship TechFirst programme, a £187 million initiative launched in June 2025 to train a million young people in foundational AI and cyber skills. Delivered in partnership with industry, it aims to connect 4,000 graduates and researchers with employment opportunities.
Beyond investment, Lloyd emphasised that policy must evolve to meet growing cyber risks. Recent attacks on firms such as Jaguar Land Rover, Co-op, and Marks & Spencer have underscored vulnerabilities in supply chains and critical systems.
In response, the government will soon introduce the Cyber Security and Resilience Bill, which expands the UK’s cyber regulatory framework to cover managed service providers and critical suppliers. The legislation will grant regulators greater powers and enable faster responses to emerging threats.
Lloyd described the bill as “a proportionate but decisive step” to protect essential services—from water and energy to healthcare, on which daily life depends. She confirmed that most UK businesses would remain outside the bill’s direct scope, but would still benefit from stronger resilience throughout the supply chain.
To promote best practice, the Department for Science, Innovation and Technology (DSIT) is urging corporate boards to treat cyber security as a strategic issue. A letter sent to major firms this week calls for board-level oversight and engagement with government guidance.
The minister cited two existing initiatives as key tools for improving cyber maturity: the Cyber Essentials certification, which she noted reduces cyber insurance claims by 92 per cent, and the Cyber Governance Code of Practice, designed to help directors manage digital risk. Lloyd pledged to “redouble” efforts to drive adoption across the private sector.
The government is also revising its National Cyber Strategy, last updated in 2022. The refreshed plan, currently in development across Whitehall, will focus on both resilience and economic growth, incorporating lessons from recent attacks and advances in emerging technologies such as quantum computing and artificial intelligence.
Industry groups including techUK have been closely involved in consultations. The association has long advocated for a more integrated approach linking innovation support with national resilience.
Analysts see Lloyd’s speech as part of a wider recalibration of the UK’s technology policy. While investment in cyber innovation has grown steadily, concerns persist about skills shortages, uneven regional development, and regulatory complexity.
