As one of the Government’s Strategic Suppliers, Capgemini has pledged to take meaningful action to help strengthen cyber resilience in the UK.

In June 2026, I attended Downing Street for the launch of the Government’s Cyber Resilience Pledge – which I was proud to sign on behalf of Capgemini in the UK.

Cyber resilience is critical to every business operating throughout the UK, as we deal with a threat landscape more complex, more persistent, and more interconnected than ever before. The wider geopolitical backdrop only adds to that pressure. We must work together to strengthen resilience across the UK, and this voluntary pledge is a practical commitment from businesses to work alongside government in doing so.

What we have pledged to do

The Government’s Cyber Resilience Pledge sets out three practical actions organisations can take now to strengthen their resilience. In signing it, Capgemini has committed to:

  1. Make cyber a Board responsibility – implementing all actions within the Cyber Governance Code of Practice and ensuring all board members undertake the National Cyber Security Centre’s (NCSC) Cyber Governance Training.
  2. Sign up to the NCSC Early Warning service.
  3. Take a risk-based approach to requiring Cyber Essentials certification across our suppliers by registering to the Cyber Essentials Supplier Check Tool and auditing our entire supply chain.

Capgemini was also closely involved in shaping the pledge itself. As one of the Government’s Strategic Suppliers, we were part of the early discussions on how organisations could help raise the standard of cyber resilience more consistently across supply chains, and we supported the development of the pledge as a practical way to turn that shared ambition into clear action.

You can read more about the pledge on our dedicated page.

Why this matters

Recent attacks have shown how quickly cyber incidents can move beyond the immediate target and cause wider disruption. The impact can be financial, operational, and reputational. In some cases, it can affect the services people depend on every day.

At the same time, the threat itself is evolving. Attacks are becoming more frequent and more sophisticated, while the organisations behind the most serious incidents increasingly include hostile states and state-aligned actors. In a more geopolitically disrupted environment, that makes resilience an issue of national importance as well as business responsibility.

The pledge is important because it sets out a sensible minimum standard that organisations of any size can adopt. If businesses are working with suppliers that aren’t taking these steps – or with partners whose supply chains aren’t – they are increasing their exposure to risk. Raising the baseline across supply chains is one of the most practical ways to strengthen resilience more broadly.

How we will put it into practice

For Capgemini, the most significant part of this commitment is our supply chain. Strong cyber resilience must extend across the wider ecosystem of partners and suppliers that organisations depend on every day.

We will take a phased, risk-based approach to auditing our supply chain. We will start with our most prominent suppliers, assess Cyber Essentials coverage, and use that insight to prioritise action. Over time, we will widen that work across the supply chain, helping ensure the organisations we work with are meeting an appropriate minimum standard of cyber security.

We will also review our progress after six months and report on how far we have advanced that work. This is about taking responsibility and demonstrating progress, not treating a voluntary pledge as a contractual exercise.

Building on our existing cyber culture

This commitment builds on work already well established at Capgemini. Cyber security has long been central to how we operate and how we support clients as technology, risks, and operating models have evolved.

Internally, we have invested in building a strong cyber culture through initiatives like our “Be Secure, Be Trusted” hub – a team dedicated to hosting in-person and hybrid campaigns that underline the critical importance of a strong security mindset in the workplace. Through these campaigns, we aim to empower our colleagues with the essential knowledge and resources required to safeguard client, company, and personal digital assets.

Why? Because our clients’ security matters. It informs how we think about governance, leadership, accountability, and day-to-day delivery. Signing the pledge is a natural extension of that long-standing focus.

Leading by example

My ambition is not only to help deliver on this pledge in the UK, but also to bring the wider Capgemini Group on the journey with us. The UK has an opportunity to lead by example, showing how organisations can work collaboratively with government to strengthen resilience across supply chains, sectors, and borders.

Cyber resilience is a shared responsibility. No single organisation can address this challenge alone, but practical commitments like this can help move the whole system in the right direction. I was proud to sign the pledge on behalf of Capgemini in the UK. Now we focus on delivering it.