Government urges cyber health checks as a boardroom priority

Business concept: digital screen with icon Folder With Shield, 3d render

Continuing the UK Government’s sustained push to create greater awareness and accountability around cyber security, it has urged the FTSE 350 firms to undertake a cyber health check to help them understand and improve their cyber security levels.

“With more and more of our daily transactions done online, keeping our personal data safe is a top priority for this Government,” said Digital Economy Minister Ed Vaizey.

According to the government’s FTSE 350 Cyber Governance Health Check Tracker Report:

  • 88% of FTSE 350 firms now include cyber security in their risk register;
  • Only 30% of board members received regular high-level cyber security intelligence from their CIO or head of security;
  • Only 24% of boards based their risk discussions on comprehensive management information.

Change the way you manage cyber risks

The government believes that cyber health checks encourage UK companies to change the way they manage cyber risks, and push the onus of managing cyber risks away from the IT department, on to company directors and audit committees.

A cyber health check identifies your cyber risks, audits the effectiveness of your responses to those risks, analyses your organisation’s risk exposure and delivers a prioritised action plan for managing those risks in line with your business objectives. The report is delivered in business terms, and can be used as a tool in the boardroom to prioritise risks and required actions. It also provides a high-level cost-benefit analysis, which includes any longer-term initiatives around deploying international best practice where needed.

IT Governance has been a proponent of the cyber health check for many years. Our two-day Cyber Health Check combines on-site consultancy and audits with penetration testing to assess an organisation’s cyber risk exposure.

The government’s cyber security guidance also encourages organisations to adopt the Cyber Essentials scheme, which protects organisations against common cyber attacks, and can prevent around 80% of cyber attacks.

IT Governance is also a CREST-accredited certification body for the Cyber Essentials scheme, and has certified over 80 companies to either Cyber Essentials or Cyber Essentials Plus.

Contact us today to find out more about our Cyber Health Check or Cyber Essentials certification services.