Urgent Action Requested: Strengthening UK Cyber Resilience - A Joint ministerial Letter
A joint letter from key government figures urges leading businesses to bolster their cyber security practices and those of their supply chains, citing increasing threats and the need for collective action.Signed by Secretary of State for Science, Innovation and Technology Liz kendall MP, Chancellor of the Exchequer Rachel Reeves MP, Secretary of State for Business and Trade Peter Kyle MP, Minister for Security dan Jarvis MBE MP, National Cyber Security Center (NCSC) CEO Dr Richard Horne, and National Crime Agency Director General Graeme Biggar CBE, the communication stresses the critical importance of proactive cyber resilience.
The letter highlights three key actions businesses should take immediately.First, organisations are strongly advised to register for the NCSC’s Active Cyber Defense service, a free resource providing alerts about potential cyber attacks targeting their networks. This early warning system can provide crucial time to detect and mitigate incidents before they escalate.
Secondly, the ministers call for the widespread adoption of Cyber essentials within supply chains. Currently, only 14% of UK businesses assess the cyber risks posed by their immediate suppliers. Cyber Essentials, a government-backed scheme, certifies that organisations have implemented essential cyber protections against common attacks. Businesses achieving Cyber Essentials certification are 92% less likely to make a claim on their cyber insurance. The government already mandates Cyber Essentials for many of its own suppliers, and this standard is now being requested across the private sector. Implementing the technical controls of Cyber Essentials on internal systems is also recommended as part of a broader cyber risk management strategy.
the letter points to the forthcoming Cyber Security and Resilience Bill, wich will increase protections for essential and digital services. Irrespective of whether a business falls within the Bill’s scope, the NCSC’s Cyber Assessment Framework (CAF) offers a valuable tool for improving cyber resilience for critical services. The three actions outlined – registering for Active Cyber defence, requiring Cyber Essentials in the supply chain, and utilising the CAF – align with the framework’s outcomes and are informed by lessons learned from previous attacks.
The ministers acknowledge the growing recognition of cyber security as a critical priority amongst company boards – currently exceeding 90% – but emphasize the need to translate this awareness into concrete action.They invite businesses to collaborate in a partnership to protect the UK economy and society, with planned events in the coming months to foster this collaboration and gather industry insights.
Businesses are requested to confirm receipt of the letter and provide contact details for a senior representative to facilitate ongoing communication on this vital issue to [email address].
