A draft Code of Practice on cyber security governance published today will help directors and senior leaders shore up defences from cyber threats, as the government launches a new call for views from business leaders.
The guidance comes as figures show almost one in three 32% firms have suffered a cyber breach or attack in the past year, with a rise in damaging ransomware attacks and malicious actors posing significant threats as they look to take advantage of cyber security vulnerabilities.
Aimed at executive and non-executive directors and other senior leaders, the measures look to establish cyber security issues as a key focus for businesses, putting them on an equal footing with other threats like financial and legal pitfalls. As part of this, the Code recommends that directors set out clear roles and responsibilities across their organisations, boosting protections for customers and safeguarding their ability to operate safely and securely.
A key focus of the Code, designed in partnership with industry directors, cyber and governance experts and the National Cyber Security Centre (NCSC), is making sure companies have detailed plans in place to respond to and recover from any potential cyber incidents. The plan should be regularly tested so it’s as robust as possible, with a formal system for reporting incidents also in place.
Organisations are also encouraged to equip employees with adequate skills and awareness of cyber issues so they can work alongside new technologies in confidence. Today, the government is calling on businesses of all sizes from all sectors with an interest in cyber and governance issues to share their opinions on the draft Code, helping shape and deliver the future of improved cyber security in the UK.
Viscount Camrose, Minister for AI and Intellectual Property, said: “Cyber attacks are as damaging to organisations as financial and legal pitfalls, so it’s crucial that bosses and directors take a firm grip of their organisation’s cyber security regimes – protecting their customers, workforce, business operations and our wider economy.
“This new Code will help them take the lead in safely navigating potential cyber threats, ensuring businesses across the country can take full advantage of the emerging technologies which are revolutionising how we work.
“It is vital the people at the heart of this issue take the lead in shaping how we can improve cyber security in every part of our economy, which is why we want to see industry and business professionals from all walks coming forward to share their views.”
The benefits of the UK’s rapidly growing cyber landscape are said to be sizeable, unlocking new opportunities and ways of working, and creating new jobs to grow every sector of the UK economy – a key priority for the government.
However, the risks associated with growing an increasingly digital economy need to be addressed with practical action and robust safeguards. The introduction of the Cyber Governance Code of Practice marks a pivotal step in how the leaders and directors of all organisations approach cyber risk, underpinning the UK’s credentials as a cyber power and protecting our economy.
