Government warns of cyber knowledge shortage at board level in the UK

Cyber Governance Health Check highlights the lack of understanding around cyber threats

Board members round a table

Board level executives at some of the UK's biggest companies still don't fully understand the potential impact of a cyber attack, according to a government report.

The Cyber Governance Health Check looks at the approach the UK's FTSE 350 companies take towards cyber security and the 2018 report published on Tuesday, showed that less than 16% of boards had a comprehensive understanding of the impact of a cyber attack.

This is despite 96% having a cyber security strategy in place and even more worryingly, only around half of those test their plans on a regular basis.

"The UK is home to world-leading businesses but the threat of cyber attacks is never far away," said Digital Minister Margot James. "We know that companies are well aware of the risks, but more needs to be done by boards to make sure that they don't fall victim to a cyber attack."

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

There are some positives with awareness of cyber attacks increasing year-on-year; almost three-quarters of respondents, 72%, acknowledge the risk of cyber threats is high, up from 54% in 2017.

The report said this is largely down to the introduction of the General Data Protection Regulations (GDPR), which has had a positive effect in increasing the attention that boards are giving cyber threats. In 2018, 77% of those responding to last years health check said that board discussion and management of cyber security had increased since GDPR came into force in May 2018.

"Boards need to recognise that they have a responsibility to drive changes to business and IT operating models to enable their organisations to be securable," Richard Horne, cyber security partner at PwC.

"Managing cyber risk is about far more than just building security controls, and requires board-driven business change. At PwC, we work with a variety of organisations and there's always a noticeable difference in those who have a strong understanding of cyber risk at board level."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/internet-security/354417/avast-and-avg-extensions-pulled-from-chrome
internet security

Avast and AVG extensions pulled from Chrome

19 Dec 2019
Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/operating-systems/microsoft-windows/354526/memes-and-viking-funerals-the-internet-reacts-to-the
Microsoft Windows

Memes and Viking funerals: The internet reacts to the death of Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020