The modern world is increasingly reliant upon digital technology. The amount of data stored by public bodies is growing, and increasingly, computerised systems are performing vital functions in public services.

However, one of the downsides to this increased digitisation is the growing cyber threat from unscrupulous organisations and individuals seeking to exploit the digital world for their own monetary or political gain.

In order to defend themselves against such attacks, public bodies have to increase their cyber security but also their cyber resilience.

Cyber resilience is the ‘overall ability of systems and organisations to withstand cyber events and, where harm is caused, recover from them’ (as defined by the National Cyber Security Centre).

The COVID-19 pandemic has further emphasised the importance of cyber resilience. Reliance on the internet has surged during 2020, with huge numbers of public and private employees working remotely, and with the general public increasing their use of the internet to connect with friends and relatives.

Audit Wales is carrying out a national study on cyber resilience in the Welsh public sector. We have surveyed around 70 Welsh organisations about their approaches to cyber resilience.