Cyber security breaches survey: 2025
An annual survey about the experience and impacts of cyber breaches and attacks on organisations.
Documents
Details
The government is undertaking a survey of UK businesses, educational institutions and charities to find out how they approach cyber security and to learn more about the cyber security issues they face. The research informs government policy on cyber security and on how the government works with organisations to protect and promote the UK online.
Ipsos has been commissioned to carry out the survey fieldwork. This is taking place by telephone from August 2024 to December 2024.
During this period some organisations will be called by an Ipsos interviewer from their Edinburgh office (an 0131 number) inviting them to take part. You may also receive an email to let you know Ipsos has called and inviting you to reply.
The government and Ipsos can give the following reassurances about the survey:
-
taking part is totally confidential and voluntary for all individuals and organisations
-
the survey is not technical and participants do not need any specific IT knowledge
-
Ipsos would still like to speak to businesses, charities and education institutions even if they have not had any cyber security issues, to help ensure the findings are representative of all organisations
Who is being invited to take part?
Businesses across the UK have been selected at random from the Market Location Business Database.
Charities have been selected from:
- the Charity Commission database in England and Wales
- the Office of the Scottish Charity Regulator
- the Charity Commission for Northern Ireland.
Educational institutions have been selected from:
- Get Information About Schools
- Scottish Government School Contact details
- Colleges Scotland directory
- Welsh Government Address list of schools
- Colleges Wales directory
- NI Department of Education database
- NI Direct FE College directory
Within these organisations, Ipsos is inviting the senior person, with the most knowledge or responsibility when it comes to cyber security, to take part. In some organisations this might be a specific individual or head of department, while in other organisations it might be the business owner or one of the charity trustees.
What does participation involve?
Participation will involve a telephone interview with an interviewer from Ipsos. On average interviews last around 20 minutes, though the actual interview length may vary depending on the answers that you give. The interview will take place at a time that is convenient for you.
You may also receive an email, letting you know Ipsos has called and inviting you to reply, if someone in your organisation requested it.
Updates to this page
Last updated 5 August 2024 + show all updates
-
Added details and privacy notices for the 2025 survey.
-
Details updated to explain the fieldwork for the 2024 survey, which will begin in September 2023.
-
Details updated to explain the fieldwork for the 2023 survey, which will begin in September 2022.
-
Updated to include details on the new survey for 2022. The fieldwork for the 2022 survey will begin in October 2021.
-
Updated to include details on the new survey for 2021. The fieldwork for the 2021 survey will begin in October 2020.
-
This page has been updated to include details on the 2020 CSBS survey. The fieldwork for the 2020 survey will begin in October 2019.
-
We have uploaded a Privacy Notice.
-
Updated to include details on the 2019 survey. The fieldwork for the 2019 survey will begin in October 2019.
-
This has been updated with the latest dates of the 2018 survey.
-
First published.