Cyber security longitudinal survey: wave three
The government is carrying out a longitudinal survey to investigate cyber security practices and policies, and the costs and impacts of cyber incidents on organisations.
Documents
Details
The government is undertaking a survey of large and medium-sized businesses and high-income charities to ask about cyber security. The survey will investigate how organisations approach cyber security and what cyber security issues they face. The research will inform government policy on cyber security and support the government’s work with industry and charities to make the UK the safest place live and work online.
A ‘longitudinal’ survey means speaking with the same organisation more than once, in order to track their experiences over time.
Ipsos has been commissioned to carry out the survey fieldwork. The third wave is taking place by telephone and online from March 2023 to July 2023. The second wave took place between April and July 2022. See second wave findings.
During this period some organisations will be called by an Ipsos interviewer from their Edinburgh office (an 0131 number) inviting them to take part. You may also receive an email to let you know Ipsos has called and inviting you to reply. You will be offered the option of completing the survey online and, if so, you will receive the survey link via email from Ipsos: uk-dsitsurvey@ipsosresearch.com.
The government and Ipsos can give the following reassurances about the survey:
- taking part is completely confidential and voluntary for all individuals and organisations
- the survey is not technical and participants do not need any specific IT knowledge
- Ipsos would still like to speak to businesses and charities even if they have not had any cyber security issues (this helps ensure the findings are representative of all organisations)
Who supports this survey?
Industry and government stakeholders support the aims of this survey, including:
- National Cyber Security Centre (NCSC)
- Home Office
- Scottish Government
- The Charity Commission
Who is being invited to take part?
Large and medium-sized businesses across the UK have been selected at random from the government’s Inter-Departmental Business Register. High-income charities have been selected from the Charity Commission database in England and Wales, the Office of the Scottish Charity Regulator, and the Charity Commission for Northern Ireland.
Within these organisations, Ipsos is inviting the senior person with the most knowledge or responsibility when it comes to cyber security to take part. In some organisations this might be a specific individual or Head of Department, while in other organisations it might be the business owner or one of the charity trustees. If you have any questions please contact uk-dsitsurvey@ipsosresearch.com.
What does participation involve?
Participation will involve a telephone interview with an interviewer from Ipsos or, if preferred, completing the online version of the survey. On average interviews (or completing the online survey) will take around 20 minutes, though the actual interview length may vary depending on the answers that you give. The interview will take place at a time that is convenient for you.
If someone in your organisation requested it, you may also have received an email to let you know Ipsos has called and inviting you to reply.
If you agree to remain part of our panel of businesses and charities, you can participate in a potential follow-up survey in 2024, but this is completely optional and you will be able to change your mind if you wish.
For more information about the survey, you can see the Privacy Notice for Businesses and Privacy Notice for Charities.