Some of the UK’s top businesses are failing to take adequate cyber security measures according to a new report by the Department for Business, Innovation and Skills (BIS).
The report into the top FTSE 350 firms found that only 14 percent are regularly considering cyber security threats, a figure that science minister David Willetts said needed to be higher as the threats from cyber attackers on big business have the potential to impact the whole nation.
“Without effective cyber security, we place our ability to do business and to protect valuable assets such as our intellectual property at unacceptable risk,” he said.
However, other elements of the findings by BIS painted a more positive picture, with 62 percent of companies saying they think board members take cyber risks “very seriously”, while 60 percent know which key information and data assets must be protected.
The report also noted that the bring-your-own-device (BYOD) trend is currently a big issue for many respondents, but this is also causing security concerns.
“A lack of clear direction of ‘best practice’ leaves many organisations unsure of the right approach to take to minimise the associated risk,” the report noted.
Willetts used the threat of cyber incidents to tout the ongoing work by the government to try and improve cyber security across the industry through information-sharing partnerships.
“A vital pre-requisite for driving forward our collective maturity and confidence in this area is the timely availability of relevant and appropriate cyber security standards with which organisations can develop and demonstrate their cyber security abilities and credentials,” he said.
Such moves by the government to improve security include the Cyber Security Information Sharing Partnership (CISP), which was unveiled in March. Some have criticised this approach for failing to provide helps for SMEs as well as big businesses.
Dan Worth is the news editor for V3 having first joined the site as a reporter in November 2009. He specialises in a raft of areas including fixed and mobile telecoms, data protection, social media and government IT. Before joining V3 Dan covered communications technology, data handling and resilience in the emergency services sector on the BAPCO Journal.