Research and analysis

Cyber Security Longitudinal Survey - Privacy Information

The government is conducting a longitudinal survey from June-August 2025 to study cyber security practices and the effects of cyber incidents on organisations.

Documents

Details

The Cyber Security Longitudinal Survey (CSLS) helps us better understand cyber security policies and processes within medium and large businesses and high-income charities. It explores the links over time between these policies and processes and the likelihood and impact of a cyber incident.

This is the fifth phase of the research and therefore this report enables us to make comparisons with the first phase of the research which was published in January 2022, the second phase of research which was published in December 2022, the third phase of research which was published in March 2024, and the fourth phase of research which was published in February 2025. The report also summarises additional insight from a number of follow-up qualitative interviews with survey respondents.

This research informs the government’s work to improve the cyber resilience of organisations across the UK economy.

For more information on the cyber security behaviours of organisations, please see the annual Cyber Security Breaches Survey.

Updates to this page

Published 26 February 2021
Last updated 20 May 2025 show all updates
  1. Wave four results added to the collection and privacy information updated ahead of wave five data collection.

  2. We have edited the privacy notice for CSLS wave 4, 2024.

  3. First published.

Sign up for emails or print this page