UK cyber council launches title for first-time entrants

The UK Cyber Security Council has launched the Associate Cyber Security Professional title, a new registration aimed at people seeking their first cyber security role.

Now open for general applications following a pilot phase, the title will become a permanent part of the Council’s professional registration framework. It brings the total number of Council titles to four, alongside Practitioner, Principal and Chartered.

The launch comes as employers continue to report cyber skills shortages. The Department for Science, Innovation and Technology’s latest Cyber Security Skills in the UK Labour Market report found that 50% of UK businesses have a basic cyber skills gap, while 49% of cyber firms struggled to fill technical roles over the past year.

The new title is intended to address a common barrier to entering the sector: candidates often need experience to secure a first role, but need a first role to gain that experience.

Under the scheme, applicants must submit evidence of competence across five areas. It is open to people who are ready for, or already in, their first cyber security role, and recognises academic study, self-directed learning, certifications, bootcamps, apprenticeships and experience gained in other careers.

Some applicants will be able to fast-track the process if they hold qualifications, training or certifications already aligned with the title’s competency requirements.

Professional register

Unlike other certifications or qualifications, the Associate Cyber Security Professional title places successful applicants on the UK’s Cyber Security Professional Register, which the Council describes as the sector’s only route to formal professional registration.

Registration shows that an individual meets the standards set out in the UK Cyber Security Standard for Professional Competence and Commitment. To remain on the register, title holders must also complete 75 hours of continuing professional development over three years.

The title is designed to give employers a clearer benchmark when recruiting for entry-level roles, covering technical competence, ethical standards and a commitment to ongoing development.

Established by Royal Charter, the organisation has a public interest mandate to set and uphold professional standards for the cyber security sector. It said the Government recently recognised its role in strengthening national cyber resilience through the Cyber Resilience Action Plan and work on a new cyber profession aligned with the Council’s standard.

In a statement, Giles Grant said: “There are so many people who have the skills and drive for a career in cyber security but struggle to prove it to employers. The Associate title changes that. It gives individuals a credible, government-backed way to demonstrate their readiness for their first cyber role, while giving employers the confidence to hire them. This is a hugely important step in closing the cyber skills gap and ensuring the UK has the pipeline of cyber security professionals it needs.”

The registration is intended to widen the pool of candidates available to recruiters by recognising several routes into the profession rather than favouring a single educational pathway. That may be particularly relevant for employers seeking junior staff in a labour market where vacancies have remained difficult to fill.

More broadly, the launch reflects a wider effort to formalise cyber security as a profession with defined standards and recognised stages of progression. With more than 1,000 professionals already on the register, the Associate title extends that structure to people at the start of their careers.

Applications for the new title are open until 17 May.