A new survey by the Department for Business, Innovation and Skills (BIS) has revealed that only 14% of British FTSE 350 firms are regularly considering cyber threats, despite the increasingly high level of online crime.
According to The Symantec Corporation and Ponemon Institute’s 2013 Cost of Data Breach report the three main causes of data breaches in the UK in 2012 were:
- 29% of security incidents were caused by a system glitch
- 34% by malicious attack
- and 37% by human error
According to the same report the average cost of a data breach is:
- £82/ $132 per record in the UK
- £117/ $188 per record in the United States
- £124/ $199 per record in Germany
Whist the British government is urging organisations to ‘do more to tackle cyber crime’, it hasn’t yet come with a solution and clear guidance on practical next steps. Good business practice requires that organisations develop a cyber security plan or strategy that will enable them to counteract cyber crime. Importantly, they need a methodology which helps them to control and mitigate risks.
It goes without saying that you cannot improve your cyber security if you don’t know where the gaps are.
IT Governance has developed a Cyber Security Self-Assessment questionnaire to help business owner, senior decision makers and information security professionals check their organisation’s level of cyber security against the UK government’s recommended controls.
This questionnaire is multiple choice and requires less than five minutes to complete.