Question to the Department for Science, Innovation & Technology:

To ask His Majesty's Government, with reference to their policy statement on the Cyber Security and Resilience Bill, published on 1 April, what assessment they have made of the potential increase in regulatory burdens on cybersecurity professionals.

Cyber criminals are attacking our public services and businesses with increased frequency, costing billions of pounds per year. The Cyber Security and Resilience Bill will protect more digital businesses than ever, essential services that the public rely on and our national security. The government is committed to minimising additional costs to business and will set out a full assessment of this in an impact assessment, to be published upon introduction of the Bill.

My department is working across government, including working closely with departments who act as cyber sector regulators, to deliver the government’s commitment to reducing the gap in cyber skills. Our assessment of this is set out in the Cyber Security Skills in the UK Labour Market Survey. The priority skillset for the Bill will be the Audit and Assurance specialism, as defined by the UK Cyber Security Council. We have made strides in reducing the gap in these skills this year with a reported fall to 18%, down from 28% in 2023.