Blog

Canada House hosted a breakfast meeting on 12 September 2025, bringing together Canadian and UK businesses to explore new avenues of defence cooperation. The discussion, chaired by Andy Butt (MakeUK Defence), featured perspectives from David Holmes (UK Defence Business Centre), James Kempston (NP Aerospace), John Stocker (BAE Systems), and Siobhan Harty (Defence & Marine Procurement, Canada).

The dialogue underscored an important reality: as the global security environment grows more complex, the defence sector must adapt by moving beyond traditional procurement models toward deeper, more agile partnerships.

For Canada and the UK, this means strengthening industrial collaboration, with a particular emphasis on the role of innovative SMEs. These firms contribute agility, disruptive technologies, and fresh thinking that are vital to future capability.

Three strategic priorities emerged:

• Regulatory Alignment – Harmonising legal and industrial frameworks to reduce friction, streamline export processes, and enable joint investment in integrated supply chains.
• Innovation at Pace – Coordinating standards and accelerating investment in frontier technologies such as AI, autonomy, quantum, and cybersecurity to remain at the forefront of capability development.
• SME Enablement – Designing pathways for SMEs to access contracts and capital, while creating new risk-sharing and procurement structures that support their ability to scale.

By addressing these priorities, Canada and the UK can reinforce their shared defence capabilities, strengthen their industrial bases, and contribute to a more secure and resilient international order.

This collaboration is not simply about meeting today’s requirements—it is about shaping the future of defence through partnership and innovation. 

UKC3 has welcomed publication of the UK Government’s Cyber Growth Action Plan.

The national cluster network has also offered to assist in shaping Government objectives through its established network, spanning 18 areas around the UK.

The Government has made clear that cyber security presents an essential part of the UK’s future growth. Earlier this year, the Industrial Strategy identified cyber security as a frontier technology in its Digital and Technologies sector plan.

The Department for Science, Innovation & Technology (DSIT) has now published its Cyber Growth Action Plan, offering a vision for developing the sector. 

Both plans note that the UK cyber sector is growing – and has the scope to grow much more. However, both also warn that cyber threats are also in the ascendancy.

Therefore, DSIT’s Cyber Growth Action Plan identifies three strategic priorities for Government and industry to seize upon the cyber opportunity by: 

1. Pushing the cycle of resilience and growth by stimulating demand – and supporting businesses of all sizes in meeting that demand;
2. Making strategic choices about where to focus on technologies and sectors;
3. Simplifying and clarifying the roles of government in relation to cyber resilience and growth. 

Over recent years, UKC3 has demonstrated its convening power in building a unique network of 18 cyber security clusters.

Clusters are based around the UK, with UKC3 providing a single point of access to Government and industry groups requiring a distinct understanding of local markets and industry needs.

Since incorporation in 2021, UKC3 has become a UK lead in its space, operating between clusters, government, industry, academia, cyber security professionals, and investors to help attract, develop, and retain cybersecurity talent.

UKC3 has achieved this by:

• Sharing resources to seed and grow innovative cyber security ecosystems.
• Working with education, outreach, and apprenticeships to address skills shortages.
• Helping build networks to spread new ideas, technologies, and investment.
• Supporting cluster-based events, programmes, and funding bids.

Ben Shorrock, UKC3 Director and Ecosystem Development Lead, said: “Our 18 clusters have deep roots in their local cyber security ecosystems, with networks spanning industry, local authorities, academia, and the third sector.

“These 18 clusters are embedded in their communities, reflecting place-specific priorities and strengths, and making them ideally placed to support with the development of the Government’s planned Regional Cyber Growth Centres.”

At a strategic level, UKC3 has demonstrated its purpose as a central board by convening  clusters and stakeholder forums, as well as liaising directly with Government.

It has also supported clusters as they make their own case to Government: UKC3 recently backed a White Paper by the East Midlands Cyber Security Cluster warning of a looming skills crisis in the cyber security sector. It has been sponsored by the APPG on Cyber Innovation and will be officially launched in Westminster later this month.

Simon Newman, UKC3 Co-Chair, said: “UKC3 is experienced in facilitating impactful collaboration across the UK’s cyber sector, as well as sharing regional best practice, and driving development that is essential to closing the UK’s cyber skills gap.

“We’ve learned that place-based clusters are fundamental to instilling the key messages of cyber security in the UK and welcome DSIT’s plans to take the idea further.”

Systems for training the UK’s future generations of cyber security professionals are no longer fit for purpose, industry experts have warned in a new White Paper.

Sector specialists say that a fragmented 20th Century training ecosystem risks leaving UK businesses exposed to 21st Century cyber threats.

The White Paper – published by East Midlands Cyber Security Cluster with the support of UKC3, De Montfort University, and the APPG for Cyber Innovation – add that Government intervention is urgently needed to build the inclusive and sustainable cyber workforce of the future. Such a new approach would provide consistent role definitions, skills standards, and career progression across sectors.

The UK’s digital economy is growing rapidly and is central to the Industrial Strategy 2030 – yet cyber security remains one of the UK’s greatest skills challenges of the age. High profile cyber attacks are escalating – often resulting in devastating consequences to businesses as they introduce digital systems at speed. Meanwhile, the UK’s fragmented cyber education and training system is leaving the country dangerously exposed.

As Government prepares its updated National Cyber Strategy, experts warn that joined-up thinking is urgently required to address the short-termism that has led to a national shortage of qualified cyber professionals and the absence of a unified skills framework.

An EMCSC-led Parliamentary Roundtable on the Cyber Workforce earlier this year brought together a select group of senior directors from organisations including UKC3, DSIT, UK Cyber Security Council, SASIG, CIISec, BCS, and a host of other industry leaders and leading academic figures to look at ways of creating a future-ready UK cyber workforce.

A subsequent White Paper – published today – takes learnings from the roundtable and sets out five steps for the Government to secure UK cyber security skills for decades to come. The White Paper recommends that Government should:

1. Establish a DSIT-led taskforce to co-create a UK Cyber Skills Taxonomy
2. Establish a national delivery body to govern the taxonomy
3. Incentivise employer adoption of standardised, skills-based recruitment
4. Align education and career pathways to real-world cyber roles
5. Scale regional skills alignment through a National Implementation Framework.

Dr Ismini Vasileiou, Co-Chair of UKC3, Director of East Midlands Cyber Security Cluster (EMCSC), and Associate Professor, De Montfort University, authored the paper and said:

“Recent arrests in relation to cyber-attacks on M&S and Co-op show the real and growing threat faced by UK citizens and businesses. What doesn’t make the headlines is the UK’s chronic shortage of cyber professionals.

“There’s currently a mismatch between Government industrial ambition and educational reality. We won’t secure a 21st Century digital economy with a 20th Century skills pipeline.

“This is emerging as a critical situation for SMEs, which are the backbone of the UK economy, but which are increasingly exposed as they race to meet modern digital expectations and standards.”

Dan Aldridge MP, Chair, APPG for Cyber Innovation, said:

“Building a resilient and digitally capable workforce is fundamental to our country’s economy, and future workforce.

“As members of Parliament, ensuring everyone has the opportunity to develop cyber skills matters to keep our constituents and local businesses safe. Without such a foundation, we risk perpetuating the very gaps we are striving to close, and undermining the government’s mission of sustainable digital transformation.

“This White Paper highlights widespread consensus on the need for a shared language and structure for cyber skills, and we urge our colleagues across Parliament to treat this white paper not as another strategy, but as a call to action, to help build a cyber workforce that is as dynamic and diverse as the challenges we face.”

Professor Mike Kagioglou, Deputy Vice-Chancellor Planning, Research and Innovation, De Montfort University Leicester, said:

“The recommendations in this White Paper reflect what we see every day in our work with businesses: namely, a growing demand for cyber skills and a fragmented system that is not keeping pace.

“At DMU, we’re already helping bridge the gap through applied research, industry partnerships and education that meets real-world needs.

“We fully support the call from Dr Vasileiou and the APPG for a national strategy to align skills, accreditation, and employer demand.

“DMU stands ready to assist and support a central, recognised, skills development and accreditation framework for cyber security.”

Read the White Paper in full here.

The UK’s Modern Industrial Strategy places significant emphasis on cyber security.

The 10-year plan – published this week –  features opportunities around cyber security as a critical component of the nation’s economic security, digital transformation, and technological sovereignty. 

Published soon after Chancellor Rachel Reeves used the 2025 Spending Review to outline the importance of AI capability and cyber resilience, the Industrial Strategy recognises cyber security as both a foundational requirement for business operations and a high-growth sector with substantial export potential.

The accompanying Digital and Technologies Sector Plan identifies cyber security as an area for investment, addressing challenges that prevent widespread technology adoption and establishing  supply routes into intelligence and defence. Cyber security is one of six “frontier technologies” listed as having the highest potential for growth.

Cyber security as an economic priority

The Industrial Strategy considers cyber security within the broader context of economic and national security, reflecting on security and economic ties that are “shifting in the face of rising geopolitical instability”. 

Government recognises that strengthening economic security requires strategic investments in critical supply chains, technologies, and energy security – as well as support for businesses in understanding and mitigating cyber risks.

Cyber security capabilities are also closely integrated with the UK’s defence industrial strategy. The Government’s commitment to increase defence spending to 2.6% of GDP, with ambitions to reach 3% in the next Parliament, will simultaneously support cyber security development.

It identifies £1.2bn further investment into skills per year, including support for adult learners through Local Skills Improvement Plans (LSIPs), and courses to support 16–19-year-olds.

Also referenced is the expansion of Cyber Essentials accreditation and bringing digital skills into classrooms and communities to address the needs of future careers. It includes plans to support more than 4,000 graduates, researchers and innovators aiming to work in AI, computer science and cyber security. The need is identified for specialist skills in cyber security.

The Strategy references cyber security clusters across the UK linking with lynchpin organisations such as the National Cyber Security Cluster to form a thriving ecosystem. Belfast is cited as one example of strength in cyber security, with Northern Ireland home to more than 100 cybersecurity businesses, supporting 2,750 jobs, and paying an average salary of £53,300.

Strategic digital integration

Cyber security itself sits within the Digital and Technologies sector, one of the eight high growth sectors identified in the Industrial Strategy.

It places cyber security alongside core growth industries including AI, advanced connectivity, quantum, and semiconductors. However, digital technology runs throughout the document, with the Industrial Strategy noting that the UK’s Digital and Technologies economy is responsible for “building our sovereign capability in the most strategically important areas”.

The Digital and Technologies Sector Plan sets out cyber security as being crucial for economic stability in a time in which the impact of cyber attacks has become more prominent.

The UK’s cyber security industry generates £13.2 billion in revenue across more than 2,000 firms, and the UK is recognised as one of the most committed countries to cyber security globally. The Plan picks out regional hubs in the South West, Greater Manchester and Lancashire, and Belfast as emerging centres of innovation. 

Meanwhile, cyber security exports continue to boost the UK economy, growing from £4.1 billion in 2020 to £7.2 billion in 2023. AI presents an opportunity to accelerate this.

Regional cyber security growth

Ben Shorrock, UKC3 Director and CEO of TechSpark, welcomed the Industrial Strategy’s recognition of cyber security as fundamental to strategic regional and UK economic growth.

“The Industrial Strategy supports what we’ve been building through UKC3 – a thriving cyber ecosystem, operating regionally and meeting distinct local needs, but with a central national point of access for partnerships and collaboration.

“The plan for investment in cyber skills, Cyber Essentials, and other digital technologies shows that the Government understands that cyber security is both a fundamental business requirement as well as an area of economic growth.

“With our established network of regional cyber security clusters, UKC3 is ready to work with the Government to bridge national policy with local implementation – ensuring that investment benefits businesses and emerging cyber professionals throughout the UK.”

More than 110 delegates attended a cyber security event staged to develop cyber trade and research partnerships between the UK and Canada.

The event brought UK-based cyber and managed services businesses together with the Canadian delegation to look at opportunities around technical and commercial Canada-UK partnerships.

UKC3 supported the event by bringing together organisations from its network spanning 18 regional cyber clusters across the UK. The High Commission of Canada hosted a reception and a panel discussion to introduce Canadian businesses to opportunities in the UK.

Organisations including CGI, the Department for Business and Trade, Cypfer and the Cyber Resilience Centre for London discussed the latest cyber security trends in the market. These included the cyber security landscape in the UK, current threats, threat actors, and types of business being impacted.

Recent cyber attacks on UK retailers highlighted the risk to business. Cyber security is often not the top priority for SMEs, but is gaining an increasing level of attention. The gathering learned that the UK has 2,165 cyber businesses, employing 60,000 people, while Canada has 550 cyber businesses employing 23,000. It makes the UK and its businesses an important cyber partner for Canada.

The event was hosted at Canada House – the diplomatic mission on Trafalgar Square in London – and brought 117 attendees together at a reception. More than 50 also attended a briefing panel earlier in the day.

Sanjay Purohit, UK Lead ICT, AI and Digital Industries Trade Commissioner, Government of Canada, said: “It was a pleasure to work in partnership with UKC3 to deliver the Canada-UK Cyber Security Insights Briefing as well as our reception at Canada House. 

“Companies such as Parabellyx, Purilock and Capzul – who joined this mission – found qualifying UK opportunities, meeting new MSSPs and learning more about the UK cyber security market to be valuable. 

“We look forward to our ongoing work, follow up and partnership with UKC3.”

Latham French, Senior Economic Officer at Ontario Trade & Investment Office – London, said: “Ontario was proud to lead this delegation of Canadian companies, including 12 Ontario businesses, in exploring the opportunities available in the UK market as they forge new partnerships. This mission highlights Ontario’s global talent in cybersecurity and AI, and our commitment to helping businesses grow through international collaboration.

With strong interest and promising outcomes from both sides, the mission underscored the value of continued Canada-UK cooperation in advancing cyber resilience and digital innovation. As a new partner, UKC3 were instrumental in levelling up opportunities for all participants to make new business connections, we look forward to future collaborations.“

The event was held in partnership between UKC3 and the High Commission of Canada, with guests using the opportunity to build networks and discuss strategic opportunities in areas ranging from hardware to artificial intelligence. They were joined by experts representing organisations ranging from hardware and software testing companies to Canadian regional economic development agencies.

Zain Javed, Cluster Director at North West Cyber Security Cluster and Co-Founder of Citation Cyber, was also among the guests, describing the event as a good opportunity to connect with like-minded professionals from both sides of the Atlantic.  

He added: “It was refreshing to hear first-hand from Canadian SMEs about the challenges and opportunities they’re tackling and to share perspectives on how we can collaborate more deeply across the UK and Canada.”

“Events like this help strengthen international links and foster innovation in our sector.”

Simon Newman, Co-Chair of UKC3 and Founder of Cyber London, said: “Events such as this demonstrate the power of the national cluster network in bringing together cyber specialists both nationally and internationally.

“It’s a format we are now looking to replicate with representatives from other nations.

“We are grateful to our partners at the High Commission of Canada for working with us to stage such a productive and enjoyable event.”

UKC3 helps to convene cyber security cluster engagement in national and international events. Find out more here or email info@ukc3.org

The 2025 Spending Review placed digital transformation at the heart of the Government’s long-term economic and national security strategy.

Chancellor Rachel Reeves covered AI capability, cyber resilience, as she set out funding for government departments over coming years. The funding covers day–to-day spending and capital investment on infrastructure projects.

The announcement was a significant moment for the UK’s cyber ecosystem, affirming its critical role and offering a new wave of opportunity for innovation, skills, and collaboration.

Ben Shorrock, UKC3 Director and Ecosystem Development Lead, and CEO at TechSPARK,  has been looking at the implications.

Cyber is central to Government transformation

The headline £3.25 billion Transformation Fund will drive modernisation across public services, with a clear focus on digital delivery, automation and security. 

Each Government department is now expected to deliver at least 5% efficiency savings, largely through digital transformation and enhanced cyber resilience.

This marks a fundamental shift – cyber security is no longer just a protective layer, it is now central to delivering a more efficient, agile state.

£600 million for Intelligence and Security

An additional £600 million has been allocated to the UK’s intelligence agencies. This includes £100 million specifically for cyber and national security institutions. 

The funding includes continued backing for the National Cyber Security Centre (NCSC) and the National Protective Security Authority (NPSA).

This investment underlines the importance of maintaining and expanding the UK’s defensive capabilities in an increasingly complex threat landscape.

This is a clear opportunity for innovation and public-private collaboration in threat detection, resilience and critical infrastructure protection.

Building a digitally-skilled Civil Service

The Government has committed to making 1 in 10 civil servants a “digital professional” by 2030. This means embedding AI, cyber and digital capability across departments. 

This is a big ambition – and one that will rely on strong connections with the cyber ecosystem.

UKC3 and our partners already play a critical role in cyber talent development through programmes like CyberFirst, which we help support across multiple regions. 

As CyberFirst transitions into the broader TechFirst programme, we’re committed to building on that success – ensuring that cyber remains a core pillar of future digital skills delivery, and that regional clusters remain central to its rollout.

Digitising HMRC

A dedicated £500 million investment will transform HMRC’s services, with a goal of making 90% of interactions digital self-serve by 2029-30. 

Security, trust and data integrity will be vital to this shift – making it an important area for cyber innovators specialising in digital identity, fraud prevention and secure access.

AI Investment

The Government’s £2 billion AI Action Plan includes a 20-fold increase in the UK’s compute capacity, support for scaling AI companies, and the launch of a new UK Sovereign AI Unit.

While AI isn’t a cyber investment per se, its rapid adoption brings with it significant security challenges and opportunities. 

From securing AI infrastructure to addressing model vulnerability and misuse, the cyber sector will play a vital role in ensuring AI can be deployed safely, responsibly and at scale.

Long-term growth through R&D

With R&D investment rising to £22.6 billion per year by 2029-30, the Spending Review reinforces the UK’s innovation-first approach to long-term growth. 

Cyber security R&D – including secure-by-design technologies, AI safety, privacy-enhancing tech and threat modelling – must be part of this investment landscape.

An opportunity for UKC3 and the cyber ecosystem

The Spending Review places cyber at the heart of national strategy. 

To make the most of this, we must:

• Ensure regional cyber clusters are recognised as essential partners in delivery of public sector digital transformation
• Embed cyber capability and innovation into the UK’s AI and digital economy ambitions
• Build new pathways into cyber careers, particularly by supporting the successful transition from CyberFirst to TechFirst
• Help SMEs access funding and procurement opportunities emerging from this wave of public sector investment
• Champion cyber resilience as an enabler of productivity and economic growth, not just a compliance exercise

UKC3 is committed to leading this national effort. 

Through collaboration, innovation and a strong regional network, we will ensure the UK’s cyber sector continues to thrive, support national resilience and shape the future of secure digital infrastructure.

• Learn more about the convening power of UKC3.