The UK government has issued a direct call to businesses to strengthen their cyber defences against a rapidly evolving AI-enabled threat landscape, as new figures confirm the UK’s cyber security sector has grown 11% to £14.7 billion – with the number of firms up 20% to 2,603 in the past year alone.
The announcements, made on 12 May by Cyber Security Minister Baroness Lloyd, are backed by £90 million of government investment in cyber resilience across the economy and the continued passage of the Cyber Security and Resilience Bill through Parliament following the King’s Speech.
The AI Threat Is Accelerating
At the heart of the government’s messaging is a stark warning: traditional cyber defences are no longer sufficient. A new generation of AI models is lowering the barrier for cyber criminals, enabling them to identify vulnerabilities and execute attacks at a speed and scale that would have been impossible even twelve months ago. Recent figures show 43% of UK businesses experienced a cyber breach or attack in the past year.
Research by the AI Security Institute – which the government describes as “the most advanced capability of any government in the world for understanding frontier AI systems” – has examined the implications of frontier models for cyber attack capability. Ministers are urging organisations to move from reactive postures to smarter, more resilient architectures that can limit the impact of breaches rather than simply attempting to prevent them.
The Cyber Resilience Pledge
Central to the government’s response is a new Cyber Resilience Pledge, launching later this year, which sets out three concrete actions organisations can commit to: making cyber security a board-level responsibility; signing up to the National Cyber Security Centre’s free Early Warning Service; and requiring Cyber Essentials certification across their supply chains.
That third commitment carries particular significance for the defence supply chain. Cyber Essentials is already a baseline requirement for many MoD contracts, and extending the expectation of certification across broader supply chains signals a direction of travel that defence procurement professionals should be planning for now. Ministers have written directly to leading UK companies inviting them to sign up, and the government is backing the initiative with the £90 million resilience investment.
A Growing Market for UK Cyber Businesses
For the cyber security industry, the government’s figures paint an strongly positive picture. The sector created 2,300 jobs in the past year, driven by rising demand from businesses and public services investing in stronger protection. Notably, the number of UK firms offering cyber security products or services specifically for AI grew by 68% in 2025 compared to the previous year — a striking indicator of where the next wave of market demand is forming.
Baroness Lloyd said cyber security was “now fundamental to economic growth, job creation and the resilience of the services people rely on every day,” and called on CEOs to “harness the expertise and innovation of UK cyber startups, building partnerships that drive the development and adoption of advanced solutions.”
Implications for Defence Suppliers
For businesses operating in or supplying into the UK defence sector, several threads in today’s announcements deserve close attention. The Cyber Security and Resilience Bill will place new statutory requirements on critical national infrastructure operators and essential services — a category that increasingly overlaps with defence-adjacent industries including energy, data centres and communications. Supply chain cyber certification requirements are likely to tighten further as the bill progresses.
At the same time, the growth of the UK cyber sector and the government’s explicit encouragement of partnerships between large organisations and cyber startups points to a buoyant commercial environment for businesses with relevant capability – particularly in AI-enabled threat detection, memory-safe system architecture and resilience engineering.
With defence spending rising, digital transformation accelerating across the MoD, and the threat landscape intensifying, cyber security’s position as a core defence procurement priority is only going to strengthen.
Post written by: Vicky Maggiani
Vicky has worked in media for over 25 years and has a wealth of experience in editing and creating copy for a variety of sectors.
RELATED ARTICLES
May 13, 2026
Homeland - Hidden exposure in defence delivery models
Following the introduction of Joint and Several Liability rules that change how financial and compliance risk is distributed across defence
May 12, 2026
Homeland - China-linked botnets are now the dominant covert-network threat against UK organisations
The National Cyber Security Centre and international partner agencies have reissued and reinforced an advisory warning that China-nexus actors are
