Change of https://www.gov.uk/government/publications/cyber-resilience-pledge

Change description : 2026-07-13 10:03:00: Added links to the Cyber Resilience Pledge press notice and list of organisations signed up to the Pledge. Added information to reflect the formal launch event on 7 July 2026. [Guidance and regulation]

Showing diff : 2026-07-06 23:15:40.503969727 +00:00..2026-07-13 09:04:04.532581068 +00:00

Guidance

Cyber Resilience Pledge

Organisations are invited to take the Cyber Resilience Pledge. Commit to 3three actions that will have an immediate positive impact on your resilience to cyber attacks.

Documents

Details

Hostile cyber activity in the UK is growing more intense, frequent and sophisticated. This is causing significant financial and social harm to UK businesses and citizens. The government is taking robust action to protect the nation and, because cyber security is a shared responsibility, is working closely with industry to improve UK cyber resilience.

The government has developed a voluntary Cyber Resilience Pledge which provides a tangible way for organisations to demonstrate their commitment to cyber security, boost their resilience to cyber attacks and differentiate themselves from their competitors.

The Pledge was announcedformally bylaunched theat Security10 MinisterDowning Street on 227 AprilJuly 20262026, atalong the CyberUK conference in Glasgow. It formally launched in the summer, with a public announcement of organisations that have signed up.

Read the press notice.

Read the Security Minister’s speech.

See the list of organisations signed up to the Pledge

The Cyber Resilience Pledge

Organisations signing the pledge commit to take the following actions:

  1. Make cyber a Board responsibility:
    a. Implement all actions within the Cyber Governance Code of Practice.
    b. Ensure all board members undertake the NCSC’s Cyber Governance Training within 3 months, and then annually.

  2. Sign up to Early Warning: Register for the Early Warning service within one month of signing the pledge.

  3. Require Cyber Essentials across supply chains:
    a. Register to the Cyber Essentials Supplier Check Tool within 2 months of signing the pledge.
    b. Conduct a comprehensive audit of Cyber Essentials coverage.
    c. Take a risk-based approach to requiring Cyber Essentials across your supply chain.

In addition to the above 3three actions, organisations signing the pledge would commit to the following:

  • Encourage these actions within your own supply chains.
  • Publish the signed pledge declaration on your website.

Further details on the pledge can be found on this page.

If you want to sign the Pledge

Organisations which want to sign the Pledge should return the signed declaration to the DSIT Cyber Security team. You can also contact them to find out more.

Background

The government is taking significant action to counter the cyber threat and has developed tools to help businesses to defend themselves, but we cannot do this alone. Against this backdrop, ministers wrote to the CEOs and chairs of leading UK companies in October 2025 inviting them to take 3three specific actions that will have an immediate positive impact on the cyber resilience of our nation.

To build on the excellent response from industry, the government has developed this voluntary Cyber Resilience Pledge which formalises the 3three actions contained within the letter and provides a tangible way for organisations to differentiate themselves on cyber resilience, from their competitors.

The Pledge was originally announced during the Security Minister’s speech at Cyber UK in April 2026. You can read the original press notice here.

Updates to this page

Published 22 April 2026
Last updated 713 July 2026 Show all updates
  1. Added links to the Cyber Resilience Pledge press notice and list of organisations signed up to the Pledge. Added information to reflect the formal launch event on 7 July 2026.

  2. Added a link to the list of organisations signed up to the Pledge.

  3. First published.

Sign up for emails or print this page

Update history

2026-07-13 10:03
Added links to the Cyber Resilience Pledge press notice and list of organisations signed up to the Pledge. Added information to reflect the formal launch event on 7 July 2026.

2026-07-07 00:01
Added a link to the list of organisations signed up to the Pledge.

2026-04-22 09:30
First published.