Government urges UK businesses to better protect themselves from cyber criminals

Two thirds of large UK businesses “experienced a cyber breach or attack in the past year”

This week, the government issued two new reports: the Cyber Security Breaches Survey 2016 and the FTSE 350 Cyber Governance Health Check Report 2015, each of which looks at how the UK’s businesses are addressing the cyber threat.

Findings are broadly positive, demonstrating that boards are at last beginning to realise the scale of the problem, but businesses shouldn’t be complacent: board-level oversight of cyber security issues needs to continue to increase, especially with the introduction of the new EU General Data Protection Regulation (GDPR).

Among its key findings, the Cyber Security Breaches Survey determined that:

  • 69% of businesses say cyber security is a high priority for senior managers.
  • 65% of large firms detected a cyber security breach or attack in the past year.
  • 48% of businesses now have technical measures in the areas set out by the government’s Cyber Essentials scheme.

Minister for the Digital Economy Ed Vaizey commented:

The UK is a world-leading digital economy and this Government has made cyber security a top priority. Too many firms are losing money, data and consumer confidence with the vast number of cyber attacks. It’s absolutely crucial businesses are secure and can protect data. As a minimum companies should take action by adopting the Cyber Essentials scheme which will help them protect themselves.

Click here for more information on the Cyber Essentials scheme and learn how your organisation can get cyber secure from only £300 >>

FTSE 350 cyber security

Looking to larger organisations, the FTSE 350 Cyber Governance Health Check Report 2015 found that:

  • 33% of boards have clearly set and understood their appetite for cyber risk (up from 18% in 2014).
  • 49% of businesses place cyber risks as a top risk (up from 29% in 2014).
  • 77% of businesses have allocated budget specifically to protect customer data.

These statistics show an encouraging increase in board-level cyber risk awareness, but there is still a long way to go. All businesses should set and understand a cyber risk appetite. All businesses should allocate budgets to protecting customer data.

All boards need to ensure that cyber security is at the top of their agenda. The cyber threat is daily increasing in severity and scale, and new laws reflect this.

GDPR compliance

When the new EU General Data Protection Act (GDPR) comes into play on 25 May, 2018, all organisations that process personally identifiable information will need to have measures in place to protect it, or face fines of up to €20 million or 4% of annual global turnover – whichever is the higher.

Click here to download our free GDPR green paper and discover how to ensure you have taken appropriate technical and organisational measures to meet your compliance goals >>

EU GDPR audit

Two years isn’t long to prepare for the GDPR. If you haven’t done so already, you need to start your change programmes now.

All organisations should have a clear idea of the personal information they hold, including where it originated from and who it can be shared with.

Contact IT Governance now for assistance with your EU GDPR audit >>

Certified EU GDPR Foundation training course

If you need to learn about the GDPR’s requirements, how they’ll affect your organisation, and how you can achieve full compliance with the Regulation, you’ll be interested in our one-day GDPR Foundation training course.

Click for more information on the EU GDPR Foundation training course >>

EU General Data Protection Regulation Documentation Toolkit

Pre-order the EU GDPR Documentation Toolkit and receive all the critical documents your organisation needs to ensure compliance with the new Regulation, including documents covering data protection policy, DPO requirements, privacy impact assessments, incident response and breach reporting.

Click for more information on the EU GDPR Documentation Toolkit >>

Alternatively, email servicecentre@itgovernance.co.uk or call +44 (0)845 070 1750.