The UK government has urged businesses to strengthen their own cyber security as it invests £90 million to shore up defences across the country.

To encourage this, the government is encouraging organisations to sign a new Cyber Resilience Pledge, set to launch later this year. Signatories agree to make cyber security a board-level responsibility, sign up to the National Cyber Security Centre’s (NCSC) free Early Warning Service, and require Cyber Essentials certification across their supply chains.

The government said the initiative forms part of its wider efforts to improve the UK’s cyber resilience as increasingly sophisticated AI models lower the barriers for cyber criminals to launch attacks at scale and speed.

According to recent figures, 43 per cent of UK businesses experienced a cyber breach or attack over the past year, the government said.

The announcement comes as the Cyber Security and Resilience Bill is progressing through Parliament following the King’s Speech, reinforcing the government’s plans to strengthen protections for critical national infrastructure and essential services including energy, healthcare, water and data centres.

The government also revealed that the UK cyber security sector grew by 11 per cent last year, with revenues reaching £14.7 billion. The number of cyber security firms operating in the UK increased by 20 per cent to 2,603, while the sector created 2,300 jobs over the same period.

Research by the AI Security Institute into frontier AI models, including Mythos and GPT 5.5, was also cited as evidence that traditional cyber defences alone are no longer sufficient.

The government said organisations now need to invest in more resilient systems capable of limiting the impact of attacks, rather than relying solely on reactive measures.

Cyber security minister Baroness Lloyd said that cyber security is now fundamental to economic growth, job creation, and the resilience of the services people rely on every day.

“As threats evolve, businesses of all sizes need to step up and take practical action now,” she added. “The Cyber Resilience Pledge is a clear call for companies to strengthen their defences, protect their customers and play their part in keeping the UK secure and competitive.”

---