Advancing UK Aerospace, Defence, Security & Space Solutions Worldwide
  • Home
  • /
  • Security
  • /
  • Guidelines to help businesses resist cyber attacks

Security

Guidelines to help businesses resist cyber attacks

A draft Code of Practice on cyber security governance published today will help directors and senior leaders shore up their defences from cyber threats, as the UK Government launches a new call for views from business leaders.

Image courtesy DSIT

Aimed at executive and non-executive directors and other senior leaders, the measures look to establish cyber security issues as a key focus for businesses, putting them on an equal footing with other threats like financial and legal pitfalls. As part of this, the Code recommends that directors set out clear roles and responsibilities across their organisations, boosting protections for customers and safeguarding their ability to operate safely and securely.  

Advertisement
Cranfield

A key focus of the Code, designed in partnership with industry directors, cyber and governance experts and the National Cyber Security Centre (NCSC), is making sure companies have detailed plans in place to respond to and recover from any potential cyber incidents. The plan should be regularly tested so it’s as robust as possible, with a formal system for reporting incidents also in place.  

Organisations are also encouraged to equip employees with adequate skills and awareness of cyber issues so they can work alongside new technologies in confidence. Today, the government is calling on businesses of all sizes from all sectors with an interest in cyber and governance issues to share their opinions on the draft Code, helping shape and deliver the future of improved cyber security in the UK.

Viscount Camrose, Minister for AI and Intellectual Property, said: "Cyber attacks are as damaging to organisations as financial and legal pitfalls, so it’s crucial that bosses and directors take a firm grip of their organisation’s cyber security regimes - protecting their customers, workforce, business operations and our wider economy.  

"This new Code will help them take the lead in safely navigating potential cyber threats, ensuring businesses across the country can take full advantage of the emerging technologies which are revolutionising how we work.  

"It is vital the people at the heart of this issue take the lead in shaping how we can improve cyber security in every part of our economy, which is why we want to see industry and business professionals from all walks coming forward to share their views.”

The benefits of the UK’s rapidly growing cyber landscape are sizeable, unlocking new opportunities and ways of working, and creating new jobs to grow every sector of the UK economy – a key priority for the government. This means the risks associated with growing an increasingly digital economy need to be addressed with practical action and robust safeguards. The introduction of the Cyber Governance Code of Practice marks a pivotal step in how the leaders and directors of all organisations approach cyber risk, underpinning the UK’s credentials as a cyber power and protecting our economy.  

The guidance comes as figures show almost one in three (32%) firms have suffered a cyber breach or attack in the past year, with a rise in damaging ransomware attacks and malicious actors posing significant threats as they look to take advantage of cyber security vulnerabilities.

New statistics and analysis showing the positive impact of the government’s Cyber Essentials scheme, which helps organisations protect against common cyber attacks, are also published today. Through this scheme, organisations which demonstrate they have vital cyber security controls in place, including effective management of security updates, having suitable anti-virus software and removing default passwords, are awarded a 'Cyber Essentials certificate'. 38,113 certificates have been awarded to organisations in the past year, and two in five (39%) of the UK’s largest businesses now hold the accolade.  

New analysis of the Cyber Security Breaches Survey also shows that around two thirds (66%) of businesses which adhere to Cyber Essentials have a formal cyber incident response plan, compared to just 18% of those who don’t follow its guidance.  

Lindy Cameron, National Cyber Security Centre CEO, said: "Cyber security is no longer a niche subject or just the responsibility of the IT department, so it is vital that CEOs and directors understand the risks to their organisation and how to mitigate potential threats.

"This new Cyber Governance Code of Practice will help ensure cyber resilience is put at the top of the agenda for organisations and I’d encourage all directors, non-executive directors, and senior leaders to share their views.

"Senior leaders can also access the NCSC’s Cyber Security Board Toolkit which provides practical guidance on how to implement the actions outlined in the Code, to ensure effective management of cyber risks."

Advertisement
Marshall RT 2

To further support organisations to improve their cyber security and provide more clarity on best practice, the government is also publishing its response to a call for views on software resilience and security today, to help address software risks and make organisations more resilient to cyber threats.

A number of recent, high-profile cyber incidents, including one which took the NHS 111 service offline, have demonstrated the severe impacts attacks on software and digital supply chains can have. The response to the call for views proposes steps to empower those who develop, buy and sell software to better understand how they can reduce risk, prioritising the protection of businesses and other organisations that are reliant on software for their day-to-day operations.

Software is fundamental to virtually all technology used by businesses, from programmes for managing payroll, to essential operating systems and more advanced and emerging technologies such as AI. Protecting software is therefore crucial to protecting businesses and organisations and is a critical part of the government’s work to improve UK cyber resilience.

The plans include measures to ensure software is developed and maintained securely, with risks better managed and communicated throughout supply chains. The government is working with industry to develop these proposals further, from developing a code of practice for software vendors, which will form the crux of this proposed package, to cyber security training for professionals.  

The call for views, which will be open until 19th March 2024, will help ensure this new Code is straightforward to understand and roll out, and will also help to identify any potential barriers organisations could face in bringing it into force.

The work is part of the government’s £2.6 billion National Cyber Strategy to protect and promote the UK online.

 

 

 

Advertisement
TT Electronics LB TT Electronics LB
Adarga acquires J2X Solutions

Defence Security

Adarga acquires J2X Solutions

13 June 2024

London headquartered AI software specialist Adarga, today announced the acquisition of US strategic risk intelligence firm, J2X Solutions.

G3 Systems refurbs British Army’s TCDA

Defence Security

G3 Systems refurbs British Army’s TCDA

13 June 2024

G3 Systems has announced a rolling refurbishment programme, contracted by the UK MoD’s Defence Equipment and Support (DE&S) agency, to extend the working life of their operationally proven and highly acclaimed Tactical Containerised Dog Accommodation (TCDA) for use by 1st Military Working Dogs (MWD) Regiment, based at St Georges Barracks, North ...

Airports criticise Government over liquids restrictions announcement

Aerospace Security

Airports criticise Government over liquids restrictions announcement

13 June 2024

Over the weekend, the UK's Department for Transport (DfT) announced that from 00:01 on Sunday 9th June 2024, 100ml restrictions on liquids will temporarily be reintroduced at UK airports.

Base Materials boosts subsea buoyancy options

Defence Security

Base Materials boosts subsea buoyancy options

12 June 2024

Leicester headquartered Base Materials has launched a new buoyancy repair and refurbishment service providing remotely operated vehicle (ROV) owners and operators with a more sustainable alternative to purchasing new buoyancy modules.

Advertisement
ODU RT
Kromek presenting D5 RIID at Eurosatory 2024

Defence Security Events

Kromek presenting D5 RIID at Eurosatory 2024

12 June 2024

Sedgefield based radiation and biological detection company Kromek, will focus on the latest evolution of its D5 RIID at Eurosatory next week (17th-21st June), which can now be mounted onto any unattended UGV platform.

Hughes Europe expands into defence and government sectors

Defence Security Space

Hughes Europe expands into defence and government sectors

12 June 2024

Hughes Europe has announced its strategic expansion into the military, defence and government sectors across pan-European nations, with launch of Konnect VHTS Services in collaboration with Telespazio.

Advertisement
ODU RT