Member Article

Government calls on Britain’s biggest businesses to do more on cyber security

The government is calling on Britain’s top firms to do more to counter cyber security threats and attacks.

Research shows that one in ten FTSE 350 companies operate without a response plan for a cyber incident while only six per cent of businesses completely prepared for new data protection rules.

Moreover, a survey of the UK’s biggest 350 companies found more than two thirds of boards had not received training to deal with a cyber incident (68 per cent) despite more than half saying cyber threats were a top risk to their business (54 per cent).

The FTSE 350 Cyber Governance Health Check is the Government’s annual report providing insight into how the UK’s biggest 350 companies deal with cyber security.

With less than a third of companies receiving comprehensive cyber risk information, the Government will soon be introducing its new Data Protection Bill to Parliament and it is urging companies to get involved.

With this coming into effect next May, implementing the General Data Protection Regulation (GDPR), the report for the first time included questions about data protection.

There has been progress in some areas when compared with last year’s health check, with more than half of company boards now setting out their approach to cyber risks (53 per cent up from 33 per cent) and more than half of businesses having a clear understanding of the impact of a cyber attack (57 per cent up from 49 per cent).

The Government says it is fully committed to defending against cyber threats and a five-year National Cyber Security Strategy (NCSS) was announced in November 2016, supported by £1.9 billion of transformational investment.

This includes opening the National Cyber Security Centre and offering free online advice as well as training schemes to help businesses protect themselves.

Earlier this week, the government also announced proposals on how to help the nation’s essential industries be more resilient to cyber threats through the NIS Directive.

Minister for Digital Matt Hancock said: “We have world leading businesses and a thriving charity sector but recent cyber attacks have shown the devastating effects of not getting our approach to cyber security right.

“These new reports show we have a long way to go until all our organisations are adopting best practice and I urge all senior executives to work with the National Cyber Security Centre and take up the Government’s advice and training.

“Charities must do better to protect the sensitive data they hold and I encourage them to access a tailored programme of support we are developing alongside the Charity Commission and the National Cyber Security Centre.”