Survey Exposes Gaps in UK Companies’ Readiness for Cyber Threats
On the positive side, however, a significant number of company leaders surveyed acknowledged that they had “more to do” in relation to cyber threats, and 62 percent of companies surveyed think their board members are taking cyber risk very seriously. It is important, therefore, that this awareness at the top level filters down to the management and operational level, to ensure that businesses are dealing with cyber threats effectively in their day-to-day activities.
These results echo some of the concerns discussed at a cyber security seminar which Hogan Lovells recently hosted at its London offices.
In an effort to improve awareness of cyber security issues, the UK Government is currently working to develop an industry-led “cyber standard” to encourage businesses to embrace best-practices in relation to cyber risk management whilst improving the information available to those buying cyber-security products. A Computer Emergency Response Team (CERT-UK) is also due to be launched early next year.
However, these initiatives may be impacted by the proposals contained within the current draft EU Directive for Network and Information Security. A recent UK Government consultation on the Directive highlighted that the current proposal would impose a double duty in relation to reporting data security breaches, as well as increased security costs for affected businesses. The Directive is still being negotiated by the Council of the EU, the European Parliament and the Commission.