New campaign promotes cyber essentials to tackle rising online threats
The government has launched a nationwide campaign urging businesses to “lock the door” on cyber criminals, as new figures reveal the scale of online threats facing UK firms.
Announced on 17 February 2026 by the Department for Science, Innovation and Technology and the National Cyber Security Centre, the initiative targets small and medium-sized enterprises and promotes the adoption of the Cyber Essentials scheme.
The campaign will run across social media, podcasts, radio, and business networks. It aims to reach smaller firms directly and provide practical steps to strengthen their cyber resilience.
New data shows cyber threats cost UK businesses £14.71 billion each year. Half of small businesses experienced a cyber breach or attack in the past 12 months, while 82 percent of medium and large firms reported a cyber incident during the same period. Significant cyber incidents cost an average of £195,000.
Cyber Essentials sets out five core protections designed to guard against the most common attacks. These include firewalls, secure configuration, software updates, user access control, and malware protection. Many incidents exploit basic vulnerabilities in these areas.
According to government figures, 92 percent fewer insurance claims were made last year by organisations certified under Cyber Essentials. Certification can also support bids for government contracts, and eligible firms may access free cyber insurance and a 24-hour emergency helpline through the scheme’s delivery partner.
Cyber Security Minister Baroness Lloyd said no business is out of reach from cyber criminals and warned that smaller firms often underestimate their exposure. She stated that Cyber Essentials offers a straightforward checklist that does not require specialist expertise and should be treated as a core business safeguard, comparable to fire or theft protection.
Dr Richard Horne, chief executive of the National Cyber Security Centre, said attackers typically look for opportunities and weaknesses rather than targeting specific brands. He encouraged businesses to implement the five key controls to reduce exposure to common and damaging threats.
The campaign also highlights free tools for businesses, including a Cyber Essentials Readiness Tool, complimentary 30-minute consultations with NCSC assured cyber advisers for SMEs preparing for certification, and early access to the Cyber Essentials question set and infrastructure requirements.
Alongside the campaign, the government is progressing the Cyber Security and Resilience Bill, which aims to strengthen cyber resilience for essential and digital services and key suppliers across the economy.