This is one of the 16 market profiles produced as part of the Economic Market’s foresight study commissioned by the North East LEP. It provides an overview of the future growth prospects for the Cybersecurity market globally, a summary of the enterprise base serving the market in the North East and relevant regional assets, and an analysis of how the continued convergence of global trends will affect future market development.
These markets were selected as those most likely to present opportunities for future regional growth in the North East LEP. This was done based on a trends analysis conducted by Frost and Sullivan, which identified 37 high impact trends driving continued change and growth in these markets globally. A shortlist of markets from this trends analysis was then cross-referenced against the current North East position by Cambridge Econometrics. This analysis identified the most significant opportunities for the North East LEP.
Each of these profiles also uses findings from the Data City platform to quantify the number of firms serving the Cybersecurity market in the North East. This platform links companies house data to companies’ websites and uses the website text and machine learning to classify firms into Real Time Industrial Classification Codes, which can allow analysis of markets often too emergent to be precisely measured in SIC codes. The data from this platform has been triangulated against ONS data to consider a variety of perspectives on the market.
More detail about the methodology can be found here for the 16 market profiles.
Emergent status
in the North East and associated value chain
National scope
National scope in terms of firm activities and ownership
Moderate presence
sightly more firms with locations in the North East than the national average
Description and global outlook
Cybersecurity is the set of services employed using processes and controls, through technologies to protect online devices, networks, programs, systems, and data bases from unauthorised access and exploitation, referred to as cyber-attacks.
These cyber-attacks can range from phishing mails, account hacking, taking over of webpages or sabotaging entire processes or connected networks across industries.
Market drivers
The Cybersecurity market is growing in demand due to the increasing threat of unauthorised hacking or exploitation of vulnerabilities across online systems. Implementation of AI, cloud, and data analytics is expected to boost the cyber-security market.
There is also increasing demand for decentralised security implementation across enterprise systems (cyber security mesh), which eliminates the constraints of limited boundaries seen with traditional approaches.
During COVID-19 the demand for online platforms and services significantly increased across several sectors, which prompted further expenditure and demand for cyber-security systems.
Some of the key challenges for the cyber security market are:
the high cost of solutions
lack of awareness among users leaving the system vulnerable
exponentially growing connected networks making the implementation increasingly challenging
Scale and scope of global market
The global cybersecurity market was estimated to be US$ 156 billion in 2020, with the expected growth rate of CAGR 14.5% for the period of 2021-2026. North America is the largest cybersecurity market due to the presence of large number of IT and IT-enabled industries.
The emphasis on cybersecurity has enabled the US businesses to increase the adoption of ICT based solutions and explores new business models in a relatively safer environment.
The UK is the largest cybersecurity market in Europe. The spending on cybersecurity has been fuelled by rapid growth in digital services and online shopping. However, as the IT systems and interconnected services expand there is a need for customised solutions in cyber security. There is also a challenge with a large number of SMEs who often do not have adequate budget for optimum security implementation, making them vulnerable. Some of the leading global companies are McAfee, Palo Alto Networks, Darktrace, SecureLink, Nuance, Polychain Labs, LogRhythm, ThreatLocker, Red Sift, Hack The Box, and Generalli Global Assistance.
$156 bn
The global cybersecurity market was estimated to be US$ 156 billion in 2020, with the expected growth rate of CAGR 14.5% for the period of 2021-2026
Capital flows and FDI
Funding for ICT and Data ventures (VC and PE-based) rose by 183% between 2019 and 2020. This is expected to be higher in 2021, partly as a result of the COVID pandemic, but also buoyed by the increasing numbers of innovative startups and growth companies in the market across the UK. This represented 42.6% of all VC and PE investments made across the nation over the period.
As with other markets, the regional breakdown of this capital liquidity does not favour the North East, with an aggregated 1.1% of all investments made in the North East region. There appears to be significant regional differences in either availability of private capital, or the readiness of regionalised ventures to attract such investment.
Further exploration into the barriers to private capital flows into the region, and how public-sector initiatives can support the crowding-in of such capital, is suggested.
North East presence and capabilities
Regional overview
There are a number of firms and branches of organisations involved in cyber security. For example, OSYS Technology an electronic engineering consultancy with a strong research focus consultancy and engineering design in unique areas of expertise (Ground Penetrating Radar, Mobile Data Systems, Data Communications, Electronic Systems for challenging environments). Amicus ITS has a branch office in Newcastle and The Defence Science and Technology Laboratory (an executive agency of the Ministry of Defence) has a unit within the National Innovation Centre for Data in Newcastle.
More broadly in digital and software markets, the North East has established strengths in software development, programming, service centres and gaming and there is a rapidly growing North East FinTech sector. The region has MedTech, GovTech, and Connected Construction expertise; and AI / VR / Augmented Reality technical expertise.. Also the region hosts the Sage HQ – a FTSE 100 listed company – as well as hosting offices for Accenture, Ubisoft and Atom Bank.
The North East LEP area also has a rapidly developing data centre and connectivity role. Stellium Data Centres is the UK’s only cable landing station for the new North Sea Connect cable and the UK’s newest Internet Exchange Point. Can transfer data at 30 terabits per second. The Stellium campus comprises 12 IT halls within three separate data centres of Tier 3 standard.
In regards to R&D strengths and activity, North East Satellite Applications Centre of Excellence is based in NETPark, County Durham. Delivered by Sunderland Software City, Digital Catapult North East Tees Valley (NETV) supports businesses from across the region to encourage the growth and adoption of advanced digital technologies.
Key business and industry networks include:
SunderlandSoftwareCity
Digital City
Digital Union
Dynamo
VRTGO Labs/Proto Lab
Thinking Digital
North East LEP area has a strong and diverse university sector, with over 85,000 students studying at four universities: Durham University; Newcastle University; Northumbria University and University of Sunderland. In 2018/19 there were 31,475 enrolments in the four universities in the North East LEP area.
It has been a priority of the North East LEP to increase the enrolment in STEM qualifications.Overall, the change in total graduates between 2014/15 and 2018/19 and who studied a STEM related subject has been roughly in line with the UK average at around 10%. However, some subjects have experienced a much faster increase in graduates, most notably in computer science, where the number of graduates increased by over 40% in the space of four academic years, compared to 19% in the UK as a whole.
According to the North East LEP local skills report, 3.5% of employment in the area was in digital occupations, comprising 42,700 people - a smaller proportion than England as a whole (4.4%). However employment in these occupations has grown faster in the North East LEP area between 2015 and 2020 than nationally (Growth of 24% in the North East LEP area compared to 18% nationally). Notable occupations at the three digit level that grew faster than England excluding London between 2015 and 2020 were Information Technology and Telecommunications Professionals (grew by 39% in the North East compared to 19% in England excluding London) and Research and development managers (140% growth vs 27%)
Analysis of GVA and employment by SIC sectors
The table below summarises the findings from socio-economic data and economic forecasts for the IT Services industry. This is the most relevant SIC classification industry for cybersecurity that has Cambridge Econometrics forecasts available.
The IT Services industry employs 24,400 in the North East, with a similar share of regional employment to nationally. The sector, is highly productive, and has experienced a steep increase in employment and GVA. The outlook is forecast for a further increase in jobs and GVA growth.
The Data City Findings
The Data City provides company data based on an AI-driven taxonomy search of terms and content on company websites. This is then connected to companies house data for each company – and allows an aggregate analysis for new industry and market definitions. The data captures the number of business branches in the North East LEP area.
The Data City suggests there were 129 active cybersecurity firms in the North East LEP area in June 2022, representing 2.3% of the total cyber security firms in the UK.
Local Authority location quotients
The Data City data suggests that Gateshead, North Tyneside and Newcastle upon Tyne, Sunderland are centres for cybersecurity firms. Gateshead in particular had a very strong location quotient in the top 10 local authorities in the UK. North Tyneside and Newcastle were also in the top 40, while Sunderland had a moderate positive location quotient. All the other local authorities in the North East LEP area had location quotient below 1 meaning that they had fewer firms in cloud computing as a proportion of their buisness base than the national average.
Connections with other regions
Cybersecurity firms with a location in the North East LEP area are much more likely to have a location in more than one NUTS region than firms in the sector nationally. 66% of North East LEP area cybersecurity firms with a location in the North East LEP had at least one additional location outside the wider North East region, compared to only 25% of UK firms in the sector with a location in more than one NUTS region.
This is also reflected in the data on specific regions. Firms with a location in the North East LEP area were more likely to have an additional location in all NUTS region than UK firms overall. They also had particularly strong connections to Scotland, Northern Ireland and Yorkshire and the Humber.
Cybersecurity and sector crossover
One of the innovative features of the Data City methodology is that it allows firms to be classified in multiple sectors. The platform does so through real time industry classifications (RTICs), which are constantly evolving classifications generated by an AI from companies’ websites. Firms can be classified under multiple RTICs at any one time.
This means the data can be used to demonstrate interdependencies where sectors overlap. In terms of North East LEP cybersecurity firms, over 10% of these firms also operated in data Infrastructure, data landscape and fintech. Compared to nationally North East LEP cybersecurity firms are much more likely to operate in data landscape.
Overall, UK cybersecurity firms operated in 45 different RTICs, of which 20 were operated in by firms with a location in the North East LEP area.
Cybersecurity and subsectors
The Data City methodology also includes individual subsectors within the RTIC taxonomy which allows detailed analysis of the North East LEP’s focus within cybersecurity sector. Compared to nationally firms with a location in the North East LEP area were much more likely to operate in data landscape: enablers, as well as having a focus, on data infrastructure services, hardware and software.
Overall cybersecurity firms operating in the UK operated across 173 sub RTICs, 46 of which were operated in by firm with a location in the North East LEP area.
North East LEP Clusters
As indicated by the location quotients cybersecurity firms in the North East LEP area are concentrated Gateshead, Newcastle, and North Tyneside. There is a particular concentration of firms in-between Gateshead and Newcastle city centres.
Regional prospects
A critical part of this study is to shortlist which emergent markets represent “hot prospects” for the North East economy in the future. Using the findings from the study, and the assessment framework below, Cybersecurity is rated as a market with:
Emergent status in the North East
National scope in terms of firm activities and ownership
Moderate presence in the North East with 2.3% of firms in this market having a location in the North East (compared to 2% of firms across all sectors)
Cybersecurity has become fundamental to a healthy regional and national digital economy in recent years. The rapid growth of complex software and hardware ecosystems based on big-data has created substantial value for consumers and businesses. However, this success can only be sustained through an evolution in the way these platforms and business models are governed and protected.
As with many of the other data-centric markets, the North East region is well served in terms of a basic skills and innovation that could support growth in Cybersecurity GVA. There is a high level of collaboration and internal development from participants in the N.E. cybersecurity and resilience market. Additionally, the Office for Rapid Cyber Advancement North East (ORCANE) is being developed to accelerate the development of regional skills and competencies in the region, to compete with similar London-centric initiatives.
The North East cannot be complacent however, for as the table below shows, Cybersecurity is a major enabler to most markets considered as part of this study. This is particularly important in markets such as Power Generation, Smart Grids, Autonomous Vehicles and Fintech, where the North East already possesses significant regional capabilities. The impact of a successful growth plan for the North East in Cybersecurity could be substantial.
Despite the North East region’s rapidly developing capabilities in this area, headwinds from rapidly shifting regulatory and technical policy landscapes could also change the fortunes of early market operators and SMEs quickly. The North East lacks large, established blue-chip firms in this market that could add resilience and stable touchstones for the supply chain in such times. It is also important not to overlook the markets own dependencies in Data analytics and 5G. The region needs to work collaboratively to integrate this technology in wider markets and maintain its existing suite of competencies.
Despite the North East region’s rapidly developing capabilities in this area, headwinds from rapidly shifting regulatory and technical policy landscapes could change the fortunes of early market operators and SMEs quickly. The North East lacks large, established blue-chip firms in this market that could add resilience and stable touchstones for the supply chain in such times.
Cybersecurity is a major enabler to the majority of markets considered in this report. As such, the impact of a successful growth plan for the North East in this area could be susbtantial.
