HMRC spends thousands on cyber security training

HMRC has spent £262,000 on cyber security training for its staff over the past two years, according to official figures.

The numbers were obtained by Parliament Street under a Freedom of Information request.

£150,000 was spent on security training in in 2019-2020, compared to £111,000 in the most recent financial year.

This equated to 80 training enrolments in the financial year 2020-2021, and 69 in the previous year for employees working in the chief digital and information officer group.

All 9,500 HMRC staff were made to complete a compulsory course on ‘phishing attacks.’

The most popular security training course in the chief digital and information officer group was one that certified employees in the art of hacking, which saw 12 attendants for a cost of nearly £16,000.

The most expensive security training course in FY 20-21, which was not available in FY 19-20, was a residential course to become a Certified Cloud Security Professional. This cost £34,000 to train seven staffers.

11 employees went on a six-day bootcamp to become certified information systems security professionals. Two trained to become certified in ethical hacking, while nine enrolled in an ‘introduction to cyber security’ course.

HMRC is one of the most impersonated organisations in the UK for cyber scams. The government body has seen a 73 per cent surge in HMRC-branded phishing scams during the pandemic, according to the think tank.

“Organisations which handle large volumes of personal financial information like HMRC are a top target for cyber criminals, so ensuring staff are fully trained with the latest cyber skills is essential to prevent a potential data breach,” said security expert Edward Blake, from Absolute Software. “With the Covid-19 pandemic forcing many employees to work from home, it’s also critical that organisations like HMRC ensure they have complete visibility into the security standards across all devices such as laptops, to ensure encryption is turned on and cyber protection is in place for each and every employee.”

    Share Story:

Recent Stories


Bringing Teams to the table – Adding value by integrating Microsoft Teams with business applications
A decade ago, the idea of digital collaboration started and ended with sending documents over email. Some organisations would have portals for sharing content or simplistic IM apps, but the ways that we communicated online were still largely primitive.

Automating CX: How are businesses using AI to meet customer expectations?
Virtual agents are set to supplant the traditional chatbot and their use cases are evolving at pace, with many organisations deploying new AI technologies to meet rising customer demand for self-service and real-time interactions.