The UK Government has this week launched a new Code of Practice outlining standards for cyber governance, with the goal of improving cyber security in medium-sized and large organisations.

The Cyber Governance Code of Practice sets out the most critical governance actions for which directors are responsible, rather than serving as guidance for those managing cyber security on a day-to-day basis.

According to the 2024 Cyber Security Breaches Survey, 50% of businesses and 66% of high-income charities report having experienced some form of cyber security breach or attack in the 12 month period covered by the report. The prevalence of attacks is even higher in medium-sized businesses (70%) and large businesses.

This week's launch follows the release earlier this month of the Government’s proposals to bolster cyber defences and oversight through its Cyber Security and Resilience Bill, which includes measures it hopes will better protect the supply chain and operators of critical national services, including public services, utilities and IT service providers.

---