ao link
0 £0.00
This item was added to your basket
Credit Strategy homepage
Intelligence, Insight and community for responsible professionals in credit

HMRC spends £260,000 on staff cybersecurity training

HMRC has spent £262,251 on cybersecurity training for its staff over the two most recent financial years.


According to data obtained under a Freedom of Information request by thinktank Parliament Street, HMRC spent £150,456 on security training in 2019/20, compared to £111,795 in the most recent financial year. This equated to 80 training enrolments in 2020/21, and 69 in 2019/20 for staffers operating in the chief digital and information officer group. All HMRC staff were, however, made to complete a compulsory course on phishing attacks, which was free of charge.


HMRC’s most expensive security training course in 2020/21 - which was not available in 2019/20 - was a residential course to become a certified cloud security professional, which cost HMRC £34,103 to train seven staffers.


Additionally, 11 employees went on a six-day bootcamp to become certified information systems security professionals, while nine people enrolled in an “introduction to cybersecurity” course.


Area vice-president in EMEA at cybersecurity firm Absolute Software, Edward Blake said: “Organisations which handle large volumes of personal financial information like HMRC are a top target for cybercriminals, so ensuring staff are fully trained with the latest cyber skills is essential to prevent a potential data breach.


“With the Covid-19 pandemic forcing many employees to work from home, it’s also critical that organisations like HMRC ensure they have complete visibility into the security standards across all devices such as laptops, to ensure encryption is turned on and cyber protection is in place for each and every employee.”

HMRC is one of the most impersonated organisations in the UK for cyber scams, with Covid-19 causing a 73% surge in HMRC-branded phishing scams.

Cyber specialist and chief executive of security software company Tessian, Tim Sadler said: “Security training plays an extremely important role, but it needs to be more than just a compulsory, one-off session if the learnings are going to stick. As companies invest heavily in security training, they must ensure that the programmes resonate and help employees think twice before clicking on a scam.


“It’s telling that staff were most interested in a training course on the art of hacking. Research shows that people learn best when training is relevant and contextual, so educating staff on the ways they could be targeted in phishing emails and teaching them the techniques that cybercriminals use to trick them, is a really effective way of raising awareness of threats and helping people to realise they are being scammed.”


Please login to continue reading this article.

Not a member?

Become a member

FREE registration. No credit card required

Register now
  • Stay up-to-date with industry news and appointments
  • Hear about events first
  • Read 1 free Premium article per month

Become a premium member

From as little as £3.48 per week

Become Premium
  • All the perks of a standard member plus:
  • Access to the entire Credit Strategy website
  • 12 months subscription to Credit Strategy Magazine
  • 25% discount to all conferences
  • Exclusive access to Premium Member only roundtables
  • 50% off award entry fees



PSR publishes five-year strategy for improved payments market

PSR publishes five-year strategy for improved payments market

Clearpay’s parent company records 110% profit growth

Clearpay’s parent company records 110% profit growth

Klarna records year-on-year operating income increase

Klarna records year-on-year operating income increase

Upcoming events

Credit Strategy
LinkedIn page

Member of

Did you find our website useful?

Thank you for your input

Thank you for your feedback – an online news and information service for the UK’s commercial and consumer credit industry. is published by Shard Financial Media Limited, registered in England & Wales as 5481132, Axe & Bottle Court, 70 Newcomen St, London, SE1 1YT. All rights reserved. Credit Strategy is committed to diversity in the workplace. @ Copyright Shard Media Group