IT disaster recovery, cloud computing and information security news

Many British boards uninformed and unprepared for cyber incidents

Britain’s top firms urgently need to do more to protect themselves from online threats, according to new Government research and a ‘cyber health check’ published recently.

Undertaken in the wake of recent high profile cyber attacks, the survey of the UK’s biggest 350 companies found more than two thirds of boards had not received training to deal with a cyber incident (68 percent) despite more than half saying cyber threats were a top risk to their business (54 percent).

One in ten FTSE 350 companies said they operate without a response plan for a cyber incident (ten percent) and less than a third of boards receive comprehensive cyber risk information (31 percent).

There has been progress in some areas when compared with last year’s health check, with more than half of company boards now setting out their approach to cyber risks (53 percent up from 33 percent) and more than half of businesses having a clear understanding of the impact of a cyber attack (57 percent up from 49 percent).

The UK Government will soon be introducing its new Data Protection Bill to Parliament. With this coming into effect next May, implementing the General Data Protection Regulation (GDPR), the health check report for the first time included questions about data protection.

The report found:

  • Awareness of GDPR was good, with almost all firms (97 percent) aware of the new regulation;
  • Almost three quarters (71 percent) of firms said they were somewhat prepared to meet the GDPR requirements, with only 6 percent being fully prepared;
  • Just 13 percent said GDPR was regularly considered by their board;
  • 45 percent of Boards say they are most concerned with meeting GDPR requirements relating to an individual’s right to personal data deletion.
The FTSE 350 Cyber Governance Health Check is carried out in collaboration with the audit community, including Deloitte, EY, KPMG and PWC. 


Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

   

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.