About usSmart CitiesProject managementEducationAerospace
Future of TaxCareers in Tech & EngineeringFuture of workSupporting SMEsSport
Business ResilienceNational Inclusion WeekEmployee WellbeingSTEMFinance
Entrepreneurs & SMEsArtificial IntelligenceSupply Chains & LogisticsGaming & EsportsLife sciences
Business TravelDigital TransformationTransportRetail & E-CommerceManufacturing
Supply ChainManaging Your MoneyBusiness TransformationHealthcareEdTech
ApprenticeshipsSustainable BusinessSustainable LivingTransforming the WorkplaceWomen in business
Digital HealthClient survey
Home » Cybersecurity & Cloud Computing 2025 » Why professionalism matters for cybersecurity
Cybersecurity & Cloud Computing 2025

Why professionalism matters for cybersecurity

Vanessa Henneker

Chief Operating Officer, UK Cyber Security Council

    The Standard of Professional Competence and Commitment (UK SPCC) offers a national benchmark, en-suring accountability, ethical integrity and verified expertise in a rapidly evolving industry.

    Cyber threats are escalating, yet cybersecurity remains a mainly unregulated profession with inconsistent standards. Unlike medicine or law, the cybersecurity profession lacks a universal accreditation system, leaving room for variable expertise and ethical concerns.

    Cybersecurity trust and competence

    Introduced in 2021, the UK Cyber Security Council’s Standard of Professional Competence and Commitment (UK SPCC) offers a solution by ensuring practitioners meet a nationally recognised benchmark of competence and integrity.

    Cybersecurity is a profession where individuals enter the field through varied routes, from computer science degrees to self-taught pathways. This competence standard was created in partnership with the Government, industry and academia to create a universal mechanism to assess expertise, introduce ethical accountability and address malpractice.

    The Council has also mapped the profession into a series of ‘specialisms,’ which cover the vast majority of current cyber roles. By contextualising the SPCC for a selection of these specialisms, individuals have been able to go through a peer assessment process to demonstrate their skills and experience against this nationally recognised Standard.

    Without a formalised professional
    standard, the industry remains
    vulnerable to inconsistencies.

    Why is UK SPCC important for industry?

    As someone who has gone through the process of becoming a Chartered Cyber Security Professional in the Security Testing specialism, Tamar Everson from Arcanum knows the importance of assessment to prove competence and trust.

    Everson says: “It has always been a challenge for organisations to identify high-quality cybersecurity vendors. The rigorous assessment we undergo as part of the professionalism process means that organisations can trust the expertise of the individuals carrying out work in a way that was previously difficult to verify.” 

    Industry standards for cybersecurity

    Cybersecurity is critical to national security and business resilience. Without a formalised professional standard, the industry remains vulnerable to inconsistencies. Becoming professionally registered offers a path to professionalism, ensuring accountability, ethical integrity and a trusted benchmark of excellence. Now is the time to elevate cybersecurity into a mature, structured profession that society can depend on.

    Author
    Vanessa Henneker
    Next
    Share Share
    Topics
    Cybersecurity & Cloud Computing 2025
    Next article