A Code of Practice on cyber security governance has been published by the Department for Science, Innovation & Technology that is designed to help businesses better defend themselves from cyber threats.
The more digital business life has become, the more cyber security issues have become an essential part of risk management for every business. Figures indicate that 32% of firms have experienced a cyber breach or attack in the last year, and ransomware attacks and malicious actors posing significant threats continue to rise. Even the NHS 111 service was taken offline recently by a cyber-attack.
Because of its prevalence and ability to significantly impact business, the Code seeks to help directors and senior leaders in business take cyber issues as seriously as they would legal or financial issues.
The Code particularly emphasises the importance of having detailed plans in place to respond to and recover from any potential cyber incidents. Regular testing of the plans and a formal system for reporting incidents is also encouraged, as is appropriate training for employees who may not have the skills or awareness to spot potential cyber issues.
Many businesses are already taking advantage of the government’s Cyber Essentials scheme. This is a scheme that allows a business to demonstrate that they have vital security controls in place, for example managing security updates, having suitable anti-virus software and proper password protection. A certificate is awarded to businesses that can demonstrate these controls. 38,113 certificates were awarded in the last year, with 39% of the UK’s largest businesses now holding such a certificate.
This highlights a growing move by business to recognise cyber threats and accept the need to do something about it.
Directors, non-executive directors, and senior leaders are all encouraged to share their views on the new Code. The consultation will be open until 19 March 2024.
Further information and a link to complete the survey is available here: https://www.gov.uk/government/news/business-leaders-urged-to-toughen-up-cyber-attack-protections