Skip to content

UK businesses commit to new government cyber resilience pledge

Over five million cyber crimes were committed against UK firms last year

cyber pledge
Image credit: Shutterstock / High Fi

More than 60 businesses including M&S, Nationwide, ITV, Microsoft UK and Cloudflare have committed to strengthen their cyber defences by signing up to the government’s new cyber resilience pledge.

The voluntary pledge, which has been designed for medium and large organisations but is open to organisations of all sizes and sectors, asks signatories to take three concrete actions to improve their cyber security.

These include making cyber security a board-level responsibility by implementing the cyber governance code of practice and ensuring all board members complete the National Cyber Security Centre’s (NCSC’s) cyber governance training; and registering for the NCSC’s early warning service, a tool that alerts organisations to potentially suspicious activity on their networks.

It also includes taking a risk-based approach to requiring the government-backed cyber essentials certification across their supply chain.

Set to launch at Downing Street later today, the new pledge comes as businesses face an increasingly urgent threat environment, with over five million cyber crimes committed against UK firms last year – equivalent to one every six seconds. In May, UKTN reported how cyber attacks cost UK businesses £3.7bn in litigation in 2025.

Hostile cyber activity in the UK continues to escalate, with the NCSC handling 204 nationally significant incidents in the year to September, up from 89 the year before.

The average cost of a significant cyber attack on an individual UK business now stands at almost £195,000, with the annual cost to organisations estimated at £14.7bn excluding wider disruption across the economy.

Founding signatories to the pledge span retail, financial services, media, utilities and technology and include M&S, Nationwide, ITV, Microsoft UK, Cloudflare, Deloitte LLP, Accenture UK, Vodafone Group and VodafoneThree. 

The launch comes ahead of the new national cyber action plan, which will set out how the government will continue to work with industry to protect the UK from the cyber threats it faces in the AI era.

The government says the new pledge is a central pillar of this work. 

“Cyber attacks can disrupt services, put customers’ data at risk and have a real impact on the bottom line,” says Liz Kendall, technology secretary. “As AI makes these threats more sophisticated and easier to launch, no organisation can afford to stand still.

“That’s why we’re working with businesses to help them strengthen their defences. The steps in this pledge are practical, achievable and proven to make a difference. Today’s signatories are leading the way, and I encourage organisations across the UK to follow their example.”

Topics

Register for Free

Bookmark your favorite posts, get daily updates, and enjoy an ad-reduced experience.

Already have an account? Log in