Cyber Resilience Pledge

The UK government has developed a voluntary Cyber Resilience Pledge which provides a tangible way for organisations to boost their resilience to cyber attacks and differentiate themselves from their competitors.

Hostile cyber activity in the UK is growing more intense, frequent and sophisticated. This is causing significant financial and social harm to UK businesses and citizens. The government is taking robust action to protect the nation and, because cyber security is a shared responsibility, is working closely with industry to improve UK cyber resilience.

Organisations are invited to take the Cyber Resilience Pledge, which contains 3 actions that will have an immediate positive impact on resilience to cyber attacks.

1. Make cyber a Board responsibility: a. Implement all actions within the Cyber Governance Code of Practice. b. Ensure all board members undertake the NCSC’s Cyber Governance Training within 3 months, and then annually.
2. Sign up to Early Warning: Register for the Early Warning service within one month of signing the pledge.
3. Require Cyber Essentials across supply chains: a. Register to the Cyber Essentials Supplier Check Tool within 2 months of signing the pledge. b. Conduct a comprehensive audit of Cyber Essentials coverage. c. Require Cyber Essentials across your supply chain.

In addition to the above 3 actions, organisations signing the pledge would commit to the following:

• Encourage these actions within your own supply chains.
• Publish the signed pledge declaration on your website.

The Pledge was announced by the Security Minister on 22 April 2026 at the CyberUK conference in Glasgow. It will be formally launched in the summer, with a public announcement of those organisations which have signed up.

Organisations which want to sign the Pledge should return the signed declaration to the DSIT Cyber Security team. You can also contact them to find out more or visit the webpage here.