Cyber Security Longitudinal Survey: wave two
The government is carrying out a longitudinal survey to investigate cyber security practices and policies, and the costs and impacts of cyber incidents on organisations.
Documents
Details
The government is undertaking a survey of large and medium-sized businesses and high-income charities to ask about cyber security. The survey will investigate how organisations approach cyber security and what cyber security issues they face. The research will inform government policy on cyber security and support the government’s work with industry and charities to make the UK the safest place live and work online.
A ‘longitudinal’ survey means speaking with the same organisation more than once, in order to track their experiences over time.
Ipsos has been commissioned to carry out the survey fieldwork. The second wave is taking place by telephone and online from April 2022 to June 2022. The first wave took place between March and July 2021. See fist wave findings.
During this period some organisations will be called by an Ipsos interviewer from their Edinburgh office (an 0131 number) inviting them to take part. You may also receive an email to let you know Ipsos has called and inviting you to reply. You will be offered the option of completing the survey online and, if so, you will receive the survey link via email from Ipsos: UK-DCMSsurvey@ipsos-mori.com.
The government and Ipsos can give the following reassurances about the survey:
- taking part is completely confidential and voluntary for all individuals and organisations
- the survey is not technical and participants do not need any specific IT knowledge
- Ipsos would still like to speak to businesses and charities even if they have not had any cyber security issues (this helps ensure the findings are representative of all organisation)
During the COVID-19 pandemic, with increasing home working, video conferencing and business moving online, it is important Ipsos speaks to as many organisations as possible.
Who supports this survey?
Industry and government stakeholders support the aims of this survey, including:
- National Cyber Security Centre (NCSC)
- Home Office
- Scottish Government
- The Charity Commission
- The Confederation of British Industry
- The Institute of Chartered Accountants in England and Wales (ICAEW)
Who is being invited to take part?
Large and medium-sized businesses across the UK have been selected at random from the government’s Inter-Departmental Business Register. High-income charities have been selected from the Charity Commission database in England and Wales, the Office of the Scottish Charity Regulator, and the Charity Commission for Northern Ireland.
Within these organisations, Ipsos is inviting the senior person with the most knowledge or responsibility when it comes to cyber security to take part. In some organisations this might be a specific individual or Head of Department, while in other organisations it might be the business owner or one of the charity trustees. If you have any questions please contact UK-DCMSsurvey@ipsos-mori.com.
What does participation involve?
Participation will involve a telephone interview with an interviewer from Ipsos or, if preferred, completing the online version of the survey. On average interviews (or completing the online survey) will take around 20 minutes, though the actual interview length may vary depending on the answers that you give. The interview will take place at a time that is convenient for you.
If someone in your organisation requested it, you may also have received an email to let you know Ipsos has called and inviting you to reply.
If you agree to remain part of our panel of businesses and charities, you can participate in the follow-up survey in 2023, but this is completely optional and you will be able to change your mind if you wish. For more information about the survey, you can see the Privacy Notice for Businesses and Privacy Notice for Charities.