UK’s Cyber Resilience Pledge gathers momentum as 60 firms sign up to bolster capabilities

The voluntary pledge sees organizations tightening up their defences, particularly against supply-chain attacks

UK tech map with Great Britain and Northern Ireland pictured on a screen.
(Image credit: Getty Images)

The UK government said more than 60 businesses have signed up for its Cyber Resilience Pledge so far, including M&S, Nationwide, ITV, Microsoft UK, and Cloudflare.

Announced in May, the voluntary scheme sees businesses committing to three concrete actions to improve cybersecurity capabilities.

They must commit to making cyber security a board-level responsibility, by implementing the Cyber Governance Code of Practice and ensuring all board members complete the NCSC’s Cyber Governance Training.

They must also register for the NCSC’s free Early Warning service, a tool that alerts organizations to potentially suspicious activity on their networks, and commit to taking a risk-based approach to requiring the government-backed Cyber Essentials certification across their supply chain.

Latest Videos From

The pledge has been designed primarily for medium and large organizations, with other signatories including Deloitte, Accenture UK, Vodafone Group, and VodafoneThree, but is open to businesses of all sizes and from all sectors.

"Today, some of Britain’s biggest businesses are taking action to strengthen their cyber defences and setting a powerful example for others to follow. By signing this pledge, they are showing that cyber resilience is no longer just an IT issue - it is a business imperative," said technology secretary Liz Kendall.

"The steps in this pledge are practical, achievable and proven to make a difference. Today’s signatories are leading the way, and I encourage organizations across the UK to follow their example."

Cyber Charter to beef up critical services

Alongside the pledge, the government has been developing a Cyber Charter for 39 companies designated as strategic suppliers for delivering critical services to the government.

These organizations have been invited to sign the pledge as an initial commitment to bolstering their cyber resilience, although so far only a little more than half have done so.

"We have long held the view that cyber resilience is a critical business and organizational enabler. It underpins our growth, our economic security, and the safety and security of our people," said Julian David, CEO of techUK.

"With the average cost of significant cyber-attacks to the UK economy recently estimated to be £14.7 billion annually – the equivalent of 0.5% of our GDP – it’s clear that cyber security and resilience must be recognised as a leadership responsibility and should no longer be viewed as an IT issue alone."

Pledge targets national resilience

Moves to bolster national resilience capabilities come amidst an increase in malicious cyber activity in the UK.

The National Cyber Security Centre (NCSC) recently confirmed it handled 204 nationally significant incidents in the year to September, up from 89 the year before.

The average cost of an attack on an individual UK business now stands at almost £195,000, with the annual cost to organizations estimated at £14.7 billion - and that’s in addition to the costs of wider economic disruption.

Last year, experts estimated that the attack on Jaguar Land Rover (JLR) cost the UK economy roughly £1.9 billion, making it the most costly cyber incident in British history.

FOLLOW US ON SOCIAL MEDIA

Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.

You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.

Emma Woollacott

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.