
Greg Dakin

Why Cyber matters more than ever
Cyber attacks are a key risk for all government departments. As we undertake digital transformation to deliver more efficient services to the taxpayer, we also increase the risk posed by cyber attacks.
This year sees the launch of the new Cyber Profession for Government, as part of the Government Cyber Action Plan. Recognising cyber as a distinct profession is an important step in closing skill gaps when cyber-attacks are becoming more complex and dangerous.
As part of this change, I am delighted to join the Department for Business and Trade (DBT) as its first Chief Information Security Officer (CISO), to lead our cyber team and champion the new profession. I bring expertise from more than 20 years in information security roles spanning a range of industries. I look forward to applying this as our work in cyber assurance and governance grows.
Introducing the new Cyber Profession
Previously, cyber security was a specialism within the Security Profession, reflecting its close relevance to safeguarding sensitive information, assets, and systems.
But as the complexity and frequency of attempted cyber-attacks has increased, demand for skilled cyber professionals is far greater than supply. This problem is not unique to government. A 2025 report found that nearly half of UK businesses had a basic skills gap in basic cyber security and incident response.
Repositioning cyber security as a distinct, multidisciplinary profession will support a greater emphasis on recruiting and upskilling to address this skills gap.
Keeping it closely aligned with the Security and Government Digital and Data professions reflects our dedication to being both technically innovative and rigorously adherent to standards.
The launch of the Government Cyber Profession is an important development across the entirety of government and potentially industry.
The change will allow us to nurture skilled and dedicated teams of cyber professionals who will ultimately make our services more secure and more reliable.
Role of the Chief Information Security Officer
Carving out cyber as its own profession clarifies responsibility and accountability.
As part of this shift in responsibility, departments are introducing Chief Information Security Officers (CISOs), to be solely accountable for information and cyber security. This is an important indicator that we are taking cyber security seriously. As CISO, I speak with authority on cyber matters, ensuring that they get proper attention in decision-making.
As part of my role, I connect DBT to cross-government cyber efforts, liaising with the central Government Cyber Unit and coordinating with my fellow CISOs in other departments.
What does the cyber team do?
Effective leadership only has impact when it is supported by strong operational teams. At DBT, we have a cyber function with a wide range of specialist skills.
We work across several layers of security to protect us from threats. These are:
- Security Operations, who are responsible for detecting malicious and suspicious activity
- Cyber Security Architecture, who develop the frameworks, infrastructure and strategies for security
- Governance, Risk and Compliance, who manage our risk register and policies, and educate the department on how they must contribute to cyber security
- Strategy, Programmes and Change, who manage cyber transformation initiatives
As you can see from the breadth of work the team does, cyber security requires skillsets that span risk assessment, digital literacy, data and software competencies, engagement and strategy. This is why we need a dedicated profession to help us recruit the talented individuals that we need for such important work.
The significance of a separate profession
Unifying and creating an identity for Cyber Security will help us to provide career pathways and learning and development opportunities. By standardising and mapping roles to core competencies and requirements for Practitioner, Principal and Chartered status, we can offer our talented cyber professionals meaningful progression and motivation.
The aim of the new Government Cyber Profession is to make the government the best place to work for cyber professionals.
“It feels like an exciting time to be working in cyber. As someone without a traditional cyber background, I’m particularly encouraged by DSIT’s investment in new and diverse talent - spotting potential and developing it into real expertise. Just as importantly, it helps make cyber a more visible profession with a clear career pathway and opportunities for progression.” - Amy Byrnes, Cyber Analyst (Governance, Risk and Compliance)
This emphasis on development and career pathways will benefit the whole department. The 2025 State of Digital Government Review found that many leaders in the public sector had insufficient technical expertise or training to deliver their objectives. Creating new digital career pathways through the cyber profession will open new opportunities to promote technical people into leadership roles. It will also support the Prime Minister’s goal to have 1 in 10 roles in digital, data or cyber by 2030.
What the change means for our users
“The new Cyber Profession brings value through shared leadership, common standards and consistent ways of working across government. This means clearer expectations, faster decisions, and ultimately better protection of the services our users rely on.” - Amy Byrnes, Cyber Analyst (Governance, Risk and Compliance)
Galvanising the disparate threads of cyber security into a unified profession will not only benefit our direct team, but the whole department. With stronger accountability and a reduced skill gap, we will have greater cyber resilience and improved ability to proactively manage risk. There will be clearer routes into leadership for those with cyber security skills, and a more authoritative voice at senior level advocating for cyber security.
As part of the profession, we will have access to central support including cost-effective digital solutions, shared expertise and rapid deployment of technical teams. This support will allow us to achieve a higher level of security than we could do alone.
What will this mean for the businesses we serve? With greater resilience comes less downtime and increased trust in how we handle data. Businesses will experience this as more reliable and secure online services, and increased confidence in DBT’s ability to support them.
Conclusion
The introduction of the Cyber Profession reflects the government’s commitment to strengthening our defences, improving confidence in our services, and supporting our people in times of change.
Our cyber professionals will have a wealth of opportunities for progression and development. These will ultimately help us to deliver safer, more reliable services for those who depend on them. Explore how the Cyber Profession will support your development and the resilience of your services.


Leave a comment