Collection

Cyber resilience

Details of the government's cyber resilience policy for businesses and organisations.

Businesses and organisations are increasingly dependent on digital technologies, which are at risk of being disrupted by cyber attacks. The government is therefore investing £2.6 billion in the National Cyber Strategy to protect and promote the UK online.

‘Cyber resilience’ is the ability for organisations to prepare for, respond to and recover from cyber attacks and security breaches. Cyber resilience is key to operational resilience and business continuity, as well as the growth and flourishing of the UK economy.

What we do

Responsibility for delivery of the National Cyber Strategy 2022 lies across a broad range of departments which are jointly responsible for setting policy on the UK’s cyber resilience. These include the Cabinet Office, Home Office, the Department for Science, Innovation and Technology (DSIT) and individual lead government departments for critical national infrastructure (CNI) sectors. The policies cover CNI, government, businesses of all sizes, academia, charities and individuals.

The National Cyber Security Centre and law enforcement partners play a critical delivery role in providing incident response support to cyber attacks, and setting out advice and guidance for how to stay secure in an increasingly digital world.

This page sets out DSIT policy work. DSIT leads policy on cyber resilience across organisations in the wider UK economy. We do this by developing regulation and incentives to improve cyber security practices, informed by assessment and analysis of evidence.

This page will be updated as further policy and research documents are made available.

Guidance and tools to improve cyber resilience

A full range of guidance and support can be found on the National Cyber Security Centre website.

Other research reports

Cyber resilience policy

DSIT policy work on cyber resilience is set out below. This includes evidence and analysis, policy position papers, and press announcements.

Research and statistics

Research reports and official statistics which support the government’s cyber resilience policy, including the annual cyber security breaches survey.

Updates to this page

Published 21 December 2020
Last updated 9 April 2024 + show all updates
  1. Added details of the Cyber Security Breaches Survey 2024.

  2. The wave three results of the cyber security longitudinal survey have been added to the page.

  3. Link added to research on managed service providers.

  4. Updated to include new work on cyber governance and software security, which was published on 23 January 2024.

  5. Added links to new research (2023 Breaches Survey; Cyber Essentials research) and new guidance (Secure Connected Places Playbook.)

  6. Added links to the software security call for views, and the cyber security longitudinal survey.

  7. Added new documents to the collection: Cyber security breaches survey 2022 and press notice; Second NIS post implementation review.

  8. Added details of the Cyber Security Incentives & Regulation Review and two new consultations on improving cyber resilience.

  9. Added links to new documents published this week, including the government's response to a consultation on supply chain cyber security, new research on cyber resilience, and the government's response to a call for views on amending the NIS regulations.

  10. Added details of the 2021 Cyber Security Breaches Survey & press notice

  11. Added a link to the new Cyber Aware campaign for sole traders and small businesses.

  12. First published.