More than four in 10 UK businesses lack the confidence and skills to face cyber threats, Ipsos research has revealed.

A new report commissioned by the UK Government into the cybersecurity labour market found businesses continue to struggle to get the expertise needed to manage cyber incidents.

More than two in 10 said they did not feel confident “at all” in dealing with a breach, with around half of businesses having only one person in charge of cybersecurity.

However, the study also found a mismatch in the urgency to bridge the gap, with incident management skills gap standing at 48 per cent, a rise of 20 per cent in the four years, yet only two in 10 businesses believe incident response skills were essential.

Meanwhile, the number of cyber security graduates has increased by a third in a year, but diversity in the talent pool continues to be an issue. Women represented less than 15 per cent of graduates at the undergraduate level, and less than a quarter at the postgraduate level.

There has also been a slowing of demand for cybersecurity professionals, with cyber role postings decreasing by almost 40 per cent compared to 2023. The government claims this might be due to macroeconomic issues and job cuts.

Back in February, Holyrood highlighted the extent of the skills gap issue north of the border. An exclusive poll revealed two thirds of public sector technology leaders believed support from the central government against cyber threats to be insufficient, with almost half confirming they had experienced a cyber-attack in their workplace.

Yet in the recent programme for government First Minister John Swinney pledged to “intensify” support for innovators and entrepreneurs to make Scotland a “start-up and scale-up nation” but fell short of announcing a bill or any specific measures to tackle the growing number of cyber threats in Scotland.