Cyber Security Longitudinal Survey: Wave 4, 2025

DOI

Abstract copyright UK Data Service and data collection copyright owner.

The Cyber Security Longitudinal Survey (CSLS) helps us better understand cyber security policies and processes within medium and large businesses and high-income charities. It explores the links over time between these policies and processes and the likelihood and impact of a cyber incident. The survey is commissioned by The Department of Science, Innovation and Technology and aims to support the Government by providing evidence that can inform policies which help to make Britain a safer place to do business online. This is the fourth research year (or wave) of a multi-year study. The fourth wave of fieldwork was carried out during 2024, with the report published on 6 February 2025. The core objectives of the study are to: explore how and why UK organisations are changing their cyber security profile and how they implement, measure, and improve their cyber defences.provide a more in-depth picture of larger organisations, covering topics that are lightly covered in the main Cyber Security Breaches Survey (also available from the UK Data Archive), such as corporate governance, supply chain risk management, internal and external reporting, cyber strategy, and cyber insurance.explore the effects of actions adopted by organisations to improve their cyber security on the likelihood and impact of a cyber incident. Further information and additional publications can be found on the GOV.UK Cyber Security Longitudinal Survey pages. Wave 1-3 data from the Cyber Security Longitudinal Survey can also be found on the UK Data Archive under SNs 8969, 9067 and 9284 respectively.

Main Topics:

The questionnaire covered the following topic areas:cyber profile of organisationscyber security policies and processes and any improvements made over the last 12 monthssupplier risksinfluencers of changes in policies and processesuse and forms of cyber insuranceboard engagement with cyber security use of information or guidance from the National Cyber Security Centre (NCSC) to inform approach to cyber securitycyber security incident prevalence, impact and costscyber security incident management

Multi-stage stratified random sample

Self-administered questionnaire: Web-based (CAWI)

Telephone interview: Computer-assisted (CATI)

Identifier
DOI https://doi.org/10.5255/UKDA-SN-9356-1
Related Identifier https://www.gov.uk/government/publications/cyber-security-longitudinal-survey-wave-four-results
Related Identifier https://www.gov.uk/government/publications/cyber-security-longitudinal-survey-wave-four-results/cyber-security-longitudinal-survey-wave-four-technical-report
Metadata Access https://datacatalogue.cessda.eu/oai-pmh/v0/oai?verb=GetRecord&metadataPrefix=oai_ddi25&identifier=022a8e726d325c86b8c1176f8b581e94a6eef9d1480758d4beaa8aaa87465e08
Provenance
Creator Department of Science, Innovation and Technology
Publisher UK Data Service
Publication Year 2025
Funding Reference Department of Science, Innovation and Technology
Rights <a href="https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/" target="_blank">© Crown copyright</a>. The use of these data is subject to the <a href="https://ukdataservice.ac.uk/app/uploads/cd137-enduserlicence.pdf" target="_blank">UK Data Service End User Licence Agreement</a>. Additional restrictions may also apply.; <p>The Data Collection is available to UK Data Service registered users subject to the <a href="https://ukdataservice.ac.uk/app/uploads/cd137-enduserlicence.pdf" target="_blank">End User Licence Agreement</a>.</p><p>Commercial use of the data requires approval from the data owner or their nominee. The UK Data Service will contact you.</p>
OpenAccess true
Representation
Resource Type Numeric
Discipline Business and Management; Economics; Jurisprudence; Law; Social and Behavioural Sciences
Spatial Coverage United Kingdom