We've also seen cyber criminals continue to target individuals and organisations with a
range of ransomware and malware attacks. With new and innovative technologies
entering our lives, the challenge of using them securely is of great importance. To bounce
back and start our economic recovery, we must unlock the benefits of digital in an
effective, responsible and secure way.
In 2019, we sought industry feedback on the core barriers organisations face in managing
their digital security risks in the Cyber Security Incentives and Regulation Call for
Evidence. The responses have given us a nuanced and industry-focused understanding of
the challenges organisations face, and where we should be focusing government’s efforts.
In the months since we launched the Call for Evidence, we have also launched the Cyber
Aware campaign to help keep the public secure online. The National Cyber Security
Centre has published new guidance to help organisations operate securely in the new
digital environment and in April, the NCSC launched the Suspicious Email Reporting
Service to help us take down malicious websites. The new service has received a fantastic
response from the public, with over 1.7 million reports received, leading to the removal of
over 15,000 malicious sites. The Government will shortly be announcing additional
support to help organisations improve their cyber risk management during the current
pandemic.
Our work in this area will be most effective when done in partnership. I am grateful to all
those who took the time to respond to the Call for Evidence. As organisations adapt to the
markedly different environment they are operating in, we will continue to engage with
them to ensure they are supported and equipped to manage their cyber risk effectively.
Now more than ever, the digital resilience of all citizens and organisations is essential to
the prosperity of the UK economy.
Matt Warman
MP
Minister for Digital Infrastructure
Executive summary
The Cyber Security Incentives and Regulation Call for Evidence ran from 4 November
2019 until 20 December 2019. It sought industry input on the barriers faced by
organisations and the economy as a whole in taking effective action to manage cyber risks.
In particular, it called on industry to identify the information and assurances that would
result in organisations better prioritising and investing in the mitigation of cyber risks as
part of their broader organisational resilience and business continuity.
This public response sets out a summary of the main findings from the Call for Evidence,
including analysis of the 21 questions that respondents answered. This document brings
together the collective insights that have been gathered as part of the process of this
consultation.
2/27