Protecting Against Cyber Crime

Our four-year programme to increase our resilience to an ever-changing and escalating cyber threat.

Continuing our four-year programme to ensure we continue to be resilient to cyber-crime and protect our customers

In our 2021 Business Plan, we developed a four-year programme to become more resilient to cyber-crime and protect our customers.

This is called our Information Security and Privacy Strategy.


What this involves

As part of our Protecting Against Cyber Crime business case, we’re building on improvements we’ve already achieved in cyber security maturity.

In this next phase, we’re putting a further focus on reducing risk and adding a stabilisation period when transformations complete.

We’ve shared the full scope of our 2023 business case with our customers’ Chief Information Security Officers.


Customer benefits

  • Reduced risk of a cyber-attack.

  • Reduction of the impact of this risk to ‘Minor’.

  • Continued certification in ISO27001:2013.

  • Planned certification in ISO27001:2022.

  • Cyber-security maturity in line with industry standards, as advised by NCC Group.


Read our 2023 Business Plan for full business case details

We’ll share quarterly updates on our progress from the end of Q1 for BP23. 

Read our 2023 Business Plan to find more information on this business case.