Evaluating the impact of government Cyber Security initiatives in the UK

Abstract: Cyber security initiatives provide immense opportunities for governments to educate, train, create awareness, and promote cyber hygiene among businesses and the general public. Creating and promoting these initiatives are necessary steps governments take to ensure the cyber health of a nation. To ensure users are safe and confident, especially online, the UK government has created initiatives designed to meet the needs of various users such as small charity guide for charity organisations, small business guide for small businesses, get safe online for the general public, and cyber essentials for organisations, among many others. However, ensuring that these initiatives deliver on their objectives can be daunting, especially when reaching out to the whole population. It is, therefore, vital for the government to intensify practical ways of reaching out to users to make sure that they are aware of their obligation to cyber security. This study evaluates sixteen of the UK government's cyber security initiatives and discovers four notable reasons why these initiatives are failing. These reasons are insufficient awareness and training, non-evaluation of initiatives to measure impact, insufficient behavioural change, and limited coverage to reach intended targets. The recommendation based on these findings is to promote these initiatives both nationally and at community levels.