Closed call for evidence

Call for views - survey questions

Published 23 February 2024

This was published under the 2022 to 2024 Sunak Conservative government

All questions are optional. Respondents can reply to those questions which are most relevant to their organisation.  

To respond online, please complete the call for views survey.

If you would like to submit your views directly to the Review Secretariat for Stephen McPartland MP’s consideration, please send an email to cyber.review@dsit.gov.uk

The survey is open until 23:59 on Thursday 28 March.

Section 1: Giving business confidence to digitise faster, building on investment in more secure online environments.  

The review will seek evidence to assist businesses to make the case for investment. Where businesses have successfully used cyber security as a market differentiator and as an enabler of innovation, the review will consider the success factors and how further economic benefits could be gained. 

  1. What are your organisation’s main barriers or challenges to digitising faster or more securely?  

  2. Have you successfully used cyber security as a competitive advantage or source of innovation in your industry or market?  

  3. How do you communicate and demonstrate the value of cyber security to your customers, partners, and stakeholders?  

  4. What are the challenges to identifying return on investment in cyber security in your organisation and/or industry?  

  5. How important is it for your organisation to seek supply chain partners that can demonstrate high cyber security standards? 

Section 2: Increasing support for UK business’s adoption of good cyber security practices.  

The review will look at a range of issues businesses face, including the real-term cost of cyber security, and how they could be driven down. 

6.How do you identify the cyber skills your organisation needs?   

7.What are the barriers and challenges you are facing in employing cyber security professionals?   

8.How can the UK build a technically skilled cyber security workforce to fill these gaps?  

9.What sources or guidance do you use to improve your cyber security practices?   

Section 3: Fostering greater awareness, accountability, and acceptance of the benefits of cyber security through transparency measures. 

The review will consider how the information generated could be used to price insurance risk and in doing so help businesses better target their investments in cyber security. 

10.How do you manage the trade-offs between transparency and confidentiality in your cyber security disclosures and communications? 

Insurance market questions: 

11.To what extent does the open market correctly respond in the pricing of finance or insurance policies to account for cyber risk? 

12.To what extent would the increase of data sharing on cyber security incidents lead to companies accurately pricing cyber risk? Should there be any additional governance or audit type requirements to declare/share cyber risk data with government or ratings agency? 

Section 4: Minimising costs borne by businesses and consumers.  

The review will look at how investment in security can be a demonstrable enabler of growth.  

13.How do you optimise the efficiency and effectiveness of your cyber security processes and systems?  

14.How do you measure and balance the costs and benefits of cyber security investments and interventions in your organisation? 

Section 5: Opening markets for UK businesses through mutual recognition of our domestic standards on the international landscape.  

The review will look at how cyber security standards could be used to boost opportunities for UK businesses.

15.How do you collaborate and coordinate with other UK businesses and government agencies to promote and advocate for domestic standards on the international landscape?  

16.How do you ensure the compliance and alignment of your cyber security standards and practices with the international norms and regulations? 

Other 

17.Is there anything else you would like to respond with to this review that can help demonstrate how investment in cyber security can be an enabler for economic growth?

Demographic questions 

1.Q. Are you responding as an individual or on behalf of an organisation? 

  • Individual 
  • Organisation  

2.Q. Which of the following statements best describes you? 

  • Academic 
  • Cyber security professional 
  • Governmental Affairs Professional 
  • Chief Technology Officer 
  • Chief Executive Officer 
  • Interested member of the public 
  • Other [if selected, then a please specify text box appears] 

3.Q. [If organisation] Is your organisation in the public or private sector? 

  • Private 
  • Public 
  • Third sector 

4.Q. [If private] Which of these descriptions fit the primary activities of your organisation? 

  • [dropdown UK Standard Industrial Classification (SIC) list] 

5.Q. [If public] What type of organisation are you answering on behalf of? 

  • Central government 
  • Local government 
  • Public services  
  • Other [please specify]  

6.Q. [If organisation] Do you carry out any core business activities, or offer products or services, that are related to cyber security? 

  • Yes 
  • No