Listen to this article here
|
A new draft Code of Practice on cyber security governance has been published to help UK business leaders to bolster their resilience to cyber attacks.
Aimed at business directors and senior leaders, the guide aims to ensure businesses treat cyber threats as seriously as they would legal or financial risks to an organisation. The code also sets out the roles and responsibilities for protecting data within an organisation.
The draft Code of Practice has been designed in partnership with business leaders, cyber and governance experts and the National Cyber Security Centre (NCSC), with an open consultation on the guidelines now live until 19th March 2024.
Included in the code is a focus on ensuring plans are in place to respond to, recover from and report cyber attacks, as well as ensuring all employees are adequately trained to be aware of risks in order to adopt new technologies securely.
Viscount Camrose, Minister for AI and Intellectual Property, said:
“Cyber attacks are as damaging to organisations as financial and legal pitfalls, so it’s crucial that bosses and directors take a firm grip of their organisation’s cyber security regimes – protecting their customers, workforce, business operations and our wider economy.
“This new Code will help them take the lead in safely navigating potential cyber threats, ensuring businesses across the country can take full advantage of the emerging technologies which are revolutionising how we work.
“It is vital the people at the heart of this issue take the lead in shaping how we can improve cyber security in every part of our economy, which is why we want to see industry and business professionals from all walks coming forward to share their views.”
Lindy Cameron, National Cyber Security Centre CEO, said:
“Cyber security is no longer a niche subject or just the responsibility of the IT department, so it is vital that CEOs and directors understand the risks to their organisation and how to mitigate potential threats.
“This new Cyber Governance Code of Practice will help ensure cyber resilience is put at the top of the agenda for organisations and I’d encourage all directors, non-executive directors, and senior leaders to share their views.
“Senior leaders can also access the NCSC’s Cyber Security Board Toolkit which provides practical guidance on how to implement the actions outlined in the Code, to ensure effective management of cyber risks.”