New procurement rules are set to ensure the public sector buys services from firms with good cyber security and plans for improved advice and guidance campaigns to help businesses manage security risks.
"As more and more organisations do business online and use a range of IT services to power their services, we must make sure their networks and technology are secure," said Minister for Media, Data and Digital Infrastructure, Julia Lopez. "Today we are taking the next steps in our mission to help encourage firms across the UK to follow the advice and guidance from the National Cyber Security Centre to secure their businesses’ digital footprint and protect their sensitive data."
The move follows a consultation by the Department for Digital, Culture, Media and Sport (DCMS) to enhance the security of digital supply chains and third party IT services, which are used by firms for things such as data processing and running software.
It comes asnew researchof chairs, CEOs and directors of Britain’s top organisations shows the majority (91 per cent up from 84 per cent in 2020) see cyber threats as a high or very high risk to their business, but nearly a third of leading firms are not taking action on supply chain cyber security, with only 69 per cent saying their organisation actively manages supply chain cyber risks.
The government’sNational Cyber Security Centre(NCSC) already offers a raft of cyber security support and advice on identifying business-wide risks and vulnerabilities - including the Cyber Assessment Framework.
The government will now develop more detailed policy proposals and it is currently carrying out a review of the laws and measures which encourage firms to improve their cyber security and will launch a new national cyber strategy later this year.
James is the Editor of GovX Digital, and has been covering digital government and public sector reform for 20 years. He also oversees the development of the agenda for the UK's biggest public sector transformation conference.