Almost 70% of Britain's top business leaders have received no training in how to respond to a cyber attack, a new government report has revealed.
The figures come from the Cyber Governance Health Check, an annual report carried out by the Department for Digital, Culture, Media and Sport (DCMS) to assess the level of cyber security within FTSE 350 companies.
The results showed that out of Britain's top 350 businesses, 10% operate with no cyber incident response plan whatsoever, while two-thirds of boards are not kept updated with cyber security risk information. This is despite more than half of those surveyed identifying cyber security as a top business risk.
"We have world leading businesses and a thriving charity sector but recent cyber attacks have shown the devastating effects of not getting our approach to cyber security right," said minister for digital Matt Hancock.
"These new reports show we have a long way to go until all our organisations are adopting best practice and I urge all senior executives to work with the National Cyber Security Centre and take up the Government's advice and training."
Board-level awareness of the importance of cybersecurity has risen by almost 10% compared to last year's report, but experts have warned that without the confidence to get hands-on in the aftermath of a breach, board members may be putting their businesses at risk.
"While cyber security has cemented itself onto the board's agenda, they often lack the training to deal with incidents. This is hugely important as knowing how to deal confidently with an incident in the heat of the moment can save time and money," said KPMG's UK head of cyber security, Paul Taylor. "The aftermath of a cyber-attack, without the appropriate training in managing the issue, can result in reputational damage, litigation and blunt competitive edge."
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Homeland Security warns businesses of Oracle and SAP ERP vulnerabilitiesNews Oracle and SAP urge customers to apply patches to secure systems against hackers
-
Most CEOs steal IP from previous employersNews Emotionally-driven decisions put companies at risk, finds security report
-
Three foolproof ways CEOs and CISOs can work together more effectivelyIn-depth How involved is your Chief Information Security Officer (CISO) in business decisions?
-
CEO's pay should be linked to security performance, says government committeeNews New report recommends that CEOs be held directly accountable for data breaches
-
Breach of the data protection peaceIn-depth With the ICO rarely fining for breaches of the Data Protection Act, are businesses breaking rules as they can get away with it or is the ICO bringing about some other type of corporate telling off?
-
HBGary CEO steps down after Anonymous breachNews HBGary's CEO resigns after Anonymous leaks emails stolen from the security firm.
