Consultation opened on cyber governance code
A Code of Practice on cyber security governance has been published by the Department for Science, Innovation & Technology that is designed to help businesses better defend themselves from cyber threats.
The more digital business life has become, the more cyber security issues have become an essential part of risk management for every business. Figures indicate that 32% of firms have experienced a cyber breach or attack in the last year, and ransomware attacks and malicious actors posing significant threats continue to rise.
The NHS 111 service was taken offline after a cyber-attack, and reports suggest that the focus for the instigators is now moving from large organisations to smaller businesses, where defences may not be as robust.
How will the code help?
Because of the prevalence of cyber attacks, and their ability to significantly impact business, the cyber governance code seeks to help directors take cyber issues as seriously as they would legal or financial issues.
The new code stresses the importance of having detailed plans in place to respond to and recover from any potential cyber incidents. Regular testing of the plans and a formal system for reporting incidents is also encouraged, as is appropriate training for employees who may not have the skills or awareness to spot potential cyber issues.
What can businesses do at the moment?
Many businesses are already taking advantage of the government’s Cyber Essentials scheme. This allows a business to show they have vital security controls in place, for example managing security updates, having suitable anti-virus software and proper password protection.
A certificate is awarded to businesses that can demonstrate these controls. Over 38,000 certificates were awarded in the last year, with 39% of the UK’s largest businesses now holding such a certificate. This highlights a growing move by business to recognise cyber threats and accept the need to do something about it.
How to have your say…
Directors, non-executive directors, and senior leaders are all encouraged to share their views on the new cyber governance code. The consultation will be open until 19th March 2024, so if you’d like to add your thoughts, opinions and experiences to the survey, or just find out more, you can do that here.
Business Updates
We send regular updates that keep clients aware of changes and suggestions on a wide range of subjects; if you’d like to receive those too, just add your details below and we’ll do the rest! We promise not to bombard you and you can unsubscribe at any time.