Skip to content

What the UK Cyber Security Council does

The purpose of the UK Cyber Security Council (“the Council”) is to support the UK Government’s National Cyber Security Strategy to make the UK the safest place to live and work online, and aims to leverage all available expertise, relevant standards and guidance to deliver practical advice to the profession.

The Council:

  • champions the cyber security profession across the UK
  • provides broad representation for the industry
  • accelerates awareness; and
  • promotes excellence in the profession.

It does this by:

  • delivering thought leadership, career tools and education resources to the cyber security sector and those seeking to enter the sector
  • helping influence government, industry and academia with the aim of developing and promoting UK cyber security excellence globally; and
  • growing the UK’s cyber security skills base


Our four focus areas


Professional development

A key purpose of the Council is to support the professional development of those working in or aspiring to work in the cyber security profession. It also seeks to support employers and individuals as they make career-shaping decisions about the need for cyber security skills, development and recognition through certification and Chartered Status.

The Council achieves this by:

  • mapping routes into and through the cyber security profession
  • signposting essential skills
  • defining career pathways
  • removing complexity; and
  • demystifying the profession

With an objective of ensuring a common level of knowledge for those aspiring to or achieving the appropriate grades, the Council’s work includes establishing a professional qualification framework, mapping criteria to appropriate skills and qualifications including The Cyber Security Body of Knowledge (CyBOK).


Outreach and diversity in cyber security to develop the next generation

Supporting and improving diversity in the UK cyber security sector is at the forefront of the Council’s aims, to broaden the skills base and overcome actual and perceived barriers to entry and progression.

Core to achieving this will be building a vibrant and inclusive national network of industry, government and education partners to provide nationwide events to attract people into the cyber security community from all parts of society, promote dialogue and the sharing of best practice.

The Council will promote cyber security as an attractive and rewarding career option for people of all ages, including those recently in education and those already in work looking to career change or progress on an existing cyber path.

Find more details on the Council's emphasis on diversity and inclusivity here.


Professional ethics

Building and maintaining public confidence is a core principle of the Council. At the heart of the Council’s operations and Terms of Reference is a Code of Ethics for the participating organisations as well as individual professionals. These provide the guiding principles within which the participating organisations and individual professionals can demonstrate good practice.


Thought leadership and influence

The Council recognises that those in the profession need strong leadership in all areas that their decisions involve – technical, business and risk/cost, while those yet to enter it need guidance and clear direction on how to successfully join the sector, develop their skills and progress a long and successful career. Through a variety of content and engagement platforms, the Council is structured to provide coordinated strong leadership to the profession and industry in the UK, as well as outside of the cyber security sector.

The Council’s role enables it to engage with and inform Government policy and regulation development by:

  • acting as an expert body
  • identifying where new policies are required; and
  • advising on regulations or statutes that include an aspect of cyber security.

The Council will also help to forge and nurture essential international links, while working with industry and regulators to further the cause of the sector and to ensure needs are understood on both sides. The Council’s remit also includes working with standards bodies to agree those standards that define cyber security (which includes but will be wider than the ISO 27000 series).