Businesses across the UK are being urged to sign up to a Cyber Resilience Pledge.
The pledge, launching later this year, sets out three concrete actions organisations can take to improve their cyber security:
- making cyber security a board-level responsibility
- signing up to the National Cyber Security Centre’s free Early Warning Service
- require Cyber Essentials certification across their supply chains – the UK government-backed cyber security standard that blocks the most common cyber threats.
Together, these steps help businesses reduce risk, protect customers and build confidence across the wider economy.
UK Government ministers have written directly to some of the UK’s leading companies inviting them to sign up to the Cyber Resilience Pledge, and organisations are now encouraged to review the requirements and commit. The UK Government is backing this shift with £90 million towards improving cyber resilience across the economy.
The push comes as the Cyber Security and Resilience Bill will continue its passage through Parliament following the King’s Speech.
New figures also show the strength of the UK’s cyber security sector, which grew 11% last year to £14.7 billion, with the number of firms rising by 20% to 2,603 – underlining the UK’s position as a global cyber security leader and a fast‑growing engine of the economy.
The sector created 2,300 jobs in the past year alone, reflecting rising demand for British cyber expertise as businesses and public services invest in stronger protection against increasingly sophisticated threats, including those enabled by AI.
Ministers have warned that the threats businesses face in cyber space are changing, and the way they respond must change with it. A new generation of AI models is lowering the barrier for cyber criminals, enabling them to find vulnerabilities and carry out attacks at a speed and scale that would have been impossible even a year ago. Recent figures show 43% of UK businesses experienced a cyber breach or attack in the past year, underlining the urgency of action.
The importance of taking action has been highlighted by recent research by the AI Security Institute, looking at frontier models like Mythos and GPT 5.5. Ministers are warning that traditional cyber protections alone are no longer enough. As AI accelerates the pace and scale of cyber attacks, organisations must now invest in smarter, more resilient systems that can limit the impact of breaches and keep ahead of attackers – rather than constantly reacting after the damage is done.
Cyber Security Minister Baroness Lloyd said:
“Cyber security is now fundamental to economic growth, job creation and the resilience of the services people rely on every day.
“The UK has a world‑class cyber sector that is creating skilled jobs and protecting our economy – and government is doing more by investing in its own defences, legislating to require more of essential services and setting clear national standards.
“As threats evolve, businesses of all sizes need to step up and take practical action now. The Cyber Resilience Pledge is a clear call for companies to strengthen their defences, protect their customers and play their part in keeping the UK secure and competitive.”
