In May 2021, the government published a call for views on supply chain cybersecurity, which sought feedback on how to improve cybersecurity in supply chains and third-party IT services used by businesses for data processing and infrastructure management. The government also sought views on the suitability of a proposed security framework for firms that manage organisations' IT infrastructure, known as "managed service providers".

The government has now published a summary of the evidence received and its response to the issues raised. The government says that the evidence received shows that there was broad agreement among respondents to the analysis of the challenges around supply chain cybersecurity. There was also broad agreement that further support and intervention from the government would be required, with 82% of respondents agreeing legislation could be an effective or a somewhat effective solution.

Alongside its response to the call for views, the government also published new research on how businesses are dealing with cybersecurity. The Captains of Industry Cyber Resilience Research assesses the action that the United Kingdom's leading firms are taking on cybersecurity, including how they manage supply chain cyber risks.

The government will now develop more detailed policy proposals. It is currently carrying out a review of the laws and measures that encourage firms to improve their cybersecurity and will launch a new national cyber strategy later in 2021. To access the government's response in full, click here.

For further information on this topic please contact Alan Owens at Wiggin by telephone (+44 20 7612 9612) or email ([email protected]). The Wiggin website can be accessed at