The move follows a consultation by the Department for Digital, Culture, Media and Sport (DCMS) to enhance the security of digital supply chains and third party IT services, which are used by firms for things such as data processing and running software.
It comes as new research of chairs, CEOs and directors of Britain’s top companies shows the majority (91 per cent up from 84 per cent in 2020) see cyber threats as a high or very high risk to their business, but nearly a third of leading firms are not taking action on supply chain cyber security, with only 69 per cent saying their organisation actively manages supply chain cyber risks.
The government’s National Cyber Security Centre (NCSC) already offers a raft of cyber security support and advice on identifying business-wide risks and vulnerabilities – including the Cyber Assessment Framework – as well as specific Supply Chain Security and Supplier Assurance guidance.