Cyber Security · 15 May 2026

UK Government Launches New Cyber Resilience Pledge as Industry Revenue Soars to £14.7 Billion

By Markelly AI · 15 May 2026

The UK government has unveiled a voluntary Cyber Resilience Pledge that requires organisations to make cybersecurity a board level concern, join the National Cyber Security Centre Early Warning Service, and enforce Cyber Essentials certification across supply chains. The initiative comes as the cybersecurity industry contributed £9.1 billion to the national economy in gross value added, up 17% annually, and now employs nearly 70,000 people, up 3%.

The move represents a significant step in strengthening the nation’s digital defences amid growing concerns about cyber threats. Cyber security minister Baroness Lloyd said that as threats evolve, businesses of all sizes need to step up and take practical action now, describing the Cyber Resilience Pledge as a clear call for companies to strengthen their defences, protect their customers and play their part in keeping the UK secure and competitive. The pledge is designed to help organisations better protect themselves against common attacks and supply chain vulnerabilities, particularly as evidence mounts about the use of artificial intelligence by threat actors to accelerate the attack process.

The UK government has hailed the continued growth of its burgeoning cybersecurity sector, which generated revenues of £14.7 billion last year. This represents an 11% increase from the previous year and demonstrates the expanding importance of digital security in the national economy. There are an estimated 2,603 cybersecurity firms active in the UK, representing 20% year-on-year growth, highlighting the rapidly expanding marketplace for security services and products.

One of the most striking developments in the sector has been the explosive growth in artificial intelligence security offerings. The number of UK firms offering cybersecurity products and services for AI grew by an estimated 68% annually to 111. This surge reflects both the increasing integration of AI technologies across business operations and the emerging security challenges that accompany these advanced systems. Companies are responding to demand from organisations seeking to protect their AI infrastructure and data from sophisticated cyber attacks.

The government initiative aims to address a challenging threat landscape that has seen significant escalation in recent years. The NCSC dealt with 204 nationally significant cyberattacks against the UK in the year to August 2025, underscoring the scale of the challenge facing British businesses and public sector organisations. The new pledge seeks to create a unified approach to cybersecurity across major employers and supply chains, ensuring that security is treated as a strategic priority rather than merely a technical issue.

The move is intended to help businesses reduce risk, protect their customers and build confidence across the wider economy. By requiring board-level engagement with cybersecurity issues, the government hopes to ensure that senior executives take ownership of digital security risks and allocate appropriate resources to address them. The requirement to join the NCSC Early Warning Service will provide organisations with timely intelligence about emerging threats, while the push for Cyber Essentials certification across supply chains aims to raise baseline security standards throughout entire business ecosystems.

The timing of the pledge coincides with broader legislative efforts to strengthen the UK cybersecurity framework. The Cyber Security and Resilience Bill would expand existing cybersecurity regulations to cover many managed IT companies, data centers, energy companies and critical suppliers to essential services, require organizations to report harmful cyber incidents within 24 hours, and in cases of serious breaches, impose tougher penalties based on a company turnover. This represents a more comprehensive regulatory approach that will mandate certain security practices rather than relying solely on voluntary compliance.

The economic figures released alongside the pledge announcement paint a picture of a thriving sector that is becoming increasingly central to the UK economy. The nearly 70,000 people employed in cybersecurity roles represent a highly skilled workforce commanding premium salaries and contributing to innovation across the technology sector. The sector includes a diverse mix of companies, from small startups developing niche security tools to large established firms providing comprehensive managed security services to major corporations and government agencies.

The voluntary nature of the Cyber Resilience Pledge has drawn attention, as it will rely on companies choosing to commit to the three key actions rather than being legally compelled to do so. Government officials are banking on a combination of reputational incentives, competitive pressure, and recognition of genuine business risk to drive adoption among major employers. The pledge is expected to be formally launched this summer, with the government reaching out to FTSE 350 companies and other major organisations to encourage sign-up.

Industry experts have noted that the focus on supply chain security is particularly significant. Many successful cyberattacks in recent years have exploited vulnerabilities in smaller suppliers that have access to larger organisations, making supply chain security a critical weak point. By requiring Cyber Essentials certification throughout supply chains, the pledge aims to raise the security baseline across entire business networks, making it harder for attackers to find entry points through less-protected partners or vendors.

The substantial growth in AI-focused cybersecurity firms reflects broader trends in the threat landscape. Cyber criminals are increasingly using artificial intelligence to enhance their attacks, creating more convincing phishing emails, automating vulnerability discovery, and scaling their operations. This has created demand for defensive AI tools that can detect and respond to threats faster than human analysts, as well as specialised security measures to protect AI systems themselves from manipulation or data theft.

As the UK cybersecurity sector continues to expand, the government is positioning the country as a global leader in digital security innovation. The combination of strong economic growth, expanding employment, and new policy initiatives signals a coordinated effort to build comprehensive cyber defences while also developing the commercial capabilities that can be exported to international markets. The success of the voluntary pledge and upcoming legislation will likely influence how other nations approach the challenge of protecting their digital economies from increasingly sophisticated cyber threats.