The escalating threat landscape has prompted over 60 major UK businesses to join forces in a bid to strengthen their cyber defences. Signatories to the Cyber Resilience Pledge – which includes household names such as M&S, Nationwide, ITV, Microsoft UK, and Cloudflare – have committed to implementing enhanced security measures in response to an estimated £14.7 billion annual hit from cyber attacks on the nation's economy.
The voluntary pledge, formally launched at 10 Downing Street, is a key component of the government's National Cyber Action Plan. This comprehensive strategy aims to bolster UK businesses' resilience against cyber threats, which are becoming increasingly sophisticated and frequent – with over five million reported cyber crimes last year alone.
As part of the pledge, participating firms must undertake three critical actions: make cyber security a board-level responsibility; implement the Cyber Governance Code of Practice; and ensure their board members complete the NCSC's Cyber Governance Training. Furthermore, signatories will register for the free Early Warning service, which alerts organisations to suspicious network activity, and adopt a risk-based approach to mandating the government-backed Cyber Essentials certification across their supply chains.
Technology Secretary Liz Kendall stressed that cyber resilience is no longer an IT issue, but a core business imperative. She warned that cyber attacks can have devastating consequences for companies, compromising customer data and significantly impacting profitability. The Secretary also highlighted the double-edged sword of artificial intelligence – while it offers new capabilities for defenders, it simultaneously enables attackers to exploit weaknesses with unprecedented speed.
The NCSC reported handling 204 nationally significant incidents in the year to September, a marked increase from 89 the previous year. The average cost of such an attack on an individual UK business now stands at almost £195,000 – not including wider economic disruption. As part of its ongoing efforts to protect the nation from evolving cyber threats, the government will invest in AI-powered defensive capabilities and promote the adoption of new security measures through industry collaboration.