Connect with us
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Business

National Cyber Security Centre warns boards that it’s time to get technical

National Cyber Security Centre warns boards that it’s time to get technical

The head of the Government’s National Cyber Security Centre (NCSC) today warned boards that they ‘need to get technical’ to understand the cyber risks facing their businesses.

At a speech delivered at the annual CBI Cyber Security conference, Ciaran Martin, the CEO of the NCSC, called on board members to rise to the cyber security challenge by improving their cyber security literacy.

In particular, Mr Martin stressed the importance of understanding the basics of cyber-attacks, cyber risks and cyber defences to be able to more effectively direct their organisation’s response to threats.

He also flagged the cyber security risks facing the UK from nation states – including Russia – as well as large-scale criminal cyber activity.

The five questions the NCSC is recommending boards ask are:

  1. How do we defend our organisation against phishing attacks?
  2. What do we do to control the use of our privileged IT accounts?
  3. How do we ensure that our software and devices are up to date?
  4. How do we ensure our partners and suppliers protect the information we share with them?
  5. What authentication methods are used to control access to systems and data?

David Morris, a technology risk assurance director from RSM said: ‘The NCSC has today set out some of the high level technical questions that boards should be asking in order to protect their businesses from cyber-attack.

‘All of these questions focus on the technology and process elements of implementing an effective cyber strategy. This is clearly important and there needs to be a continuous process of maintaining and monitoring systems to ensure they remain fit for purpose. However, people risk remains a key vulnerability and it’s likely that we will hear more about this when more detailed guidance is published later this year.

‘The NCSC also revealed some of the eye-watering costs suffered by businesses that fall victim to cyber-attack. For example, one company affected by last year’s NotPetya attack, had to take a hit of up to £250m as a result of having to install 4,000 new servers, 45,000 new PCs and 2,500 new applications.

‘Another consequence of a cyber breach is the risk of breaching the new General Data Protection Regulation (GDPR). Under GDPR, penalties for non-compliance can now reach up to €20 million or 4 per cent of annual global turnover – whichever is higher.

‘Following recent high-profile data loss incidents, we also beginning to see the emergence of class actions which seek to compensate consumers for inconvenience, distress and misuse of data. This puts even more financial pressure on businesses that have fallen victim.

‘Consumer behaviour is also likely to be affected. Research released by the CBI today found that almost 9 out of 10 people say businesses that protect their data will win their custom. The corollary must be that those that don’t protect data are bound to lose out.’

Global Banking and Finance Review Awards Nominations 2022
2022 Awards now open. Click Here to Nominate

Advertisement

Newsletters with Secrets & Analysis. Subscribe Now