Information Security


According to research commissioned by the then DTI, the Information Security market was worth £865 million in the UK in 2002 and its value has only increased since then. The UK industry is widely recognised to be highly innovative and has led the way in the development of standards and good practices, notably with the BS 7799 (now international) standards. However, it has generally failed to build successful mass-market suppliers in a market that is dominated by overseas companies, particularly from the US. In practice the market is fragmented on both the supplier and the user side. Many companies have no single point of responsibility for their information security, and purchasing is often split across several departments. Information Security still tends to be viewed as a technical matter rather than a mainstream business issue.

BERR's Information Security Policy Team focuses on policy, both domestic and international, to embed good security practice within the UK business community.

  • In recognition of the need for easy to understand guidance and advice for SMEs, the Department has created dedicated information security business advice pages which provide easy to understand, jargon-free information about a variety of information security issues. To assess how secure your business is, try the online BERR Information Security Health Check

  • There is a range of information security publications and CD ROMs which include details about ISO/IEC 27001 and 27002 - the international standards on information security. All our titles are available to download or order. Please go to Downloads for a full listing.

  • The Department (in partnership with industry) produces a biennial Information Security Breaches Survey which is intended to help businesses understand the information security risks they face. The 2008 Survey was launched at Infosecurity Europe on 22 April. The main Technical Report as well as the Executive Summary are available to download or order from this site - please go to Downloads. For further information on the Survey please visit

  • In partnership with Mid Yorkshire Chamber of Commerce & Industry (MYCCI) we have helped to develop an interactive e-learning package which aims to be both practical and appealing. Please visit

  • We represent the information security needs of businesses, both within the UK and internationally, to promote the development of appropriate international standards and a regulatory framework that is conducive to the uptake of electronic commerce. In particular BERR is a member of the Management Board of the European Network and Information Security Agency (ENISA). Further information is available at

  • We work with businesses to develop solutions to emerging problems including initiatives such as the arrangements for Trusted Third Parties that provide cryptographic services