In May 2021, the Government published a call for views on supply chain cyber security, which sought feedback on how to improve cyber security in supply chains and third-party IT services used by businesses for data processing and infrastructure management. The Government also sought views on the suitability of a proposed security framework for firms that manage organisations’ IT infrastructure, known as “Managed Service Providers”.

The Government has now published a summary of the evidence received and its response to the issues raised. The Government says that the evidence received shows that there was broad agreement among respondents to the analysis of the challenges around supply chain cyber security. There was also broad agreement that further support and intervention from the Government would be required, with 82% of respondents agreeing legislation could be an effective or a somewhat effective solution.

Alongside its response to the call for views, the Government has also published new research on how businesses are dealing with cyber security. The Captains of Industry Cyber Resilience Research assesses the action the UK’s leading firms are taking on cyber security, including how they manage supply chain cyber risks.

The Government will now develop more detailed policy proposals and it is currently carrying out a review of the laws and measures which encourage firms to improve their cyber security and will launch a new national cyber strategy later in 2021. To access the Government’s response in full, click here.