NCSC helps board members govern online risk
Image courtesy NCSC
The toolkit has been relaunched ahead of CYBERUK, the UK’s flagship cyber security conference - taking place later this month (19th-20th April) at the ICC Belfast (above) - which will see leaders from industry, government and academia come together to examine securing an open and resilient digital future.
With nearly all businesses relying on data and technology, the toolkit emphasises how board members should treat cyber risks with the same prominence as financial or legal risks, as cyber attacks can have severe impacts on an organisation’s ability to operate.
The updated toolkit now includes the benefits of cyber security, essential activities for the organisation and indicators of success. It features a range of new content, including bite-sized videos summarising key concepts, an executive summary and a podcast with contributions from industry-leading voices, all designed to make it more engaging than ever.
Users can also find real-life examples of how the Board Toolkit has assisted organisations, such as charity Water Aid, which used the resources to create a cyber security audit that helped leaders gain support from key stakeholders and strengthen their understanding. There is also an account of a ransomware attack on an industrial business from the eyes of its C-level team.
Lindy Cameron, NCSC CEO, said: “Cyber incidents can have severe impacts on organisations of all sizes, both in the short and longer term, from causing reputational damage to grinding operations to a halt.
“That’s why I am delighted to announce the launch of the NCSC’s refreshed cyber security Board Toolkit to help ensure cyber resilience is rightly put at the top of the agenda for all senior leaders.
“I’d encourage all CEOs, board members and senior leaders to read through the toolkit and use it to drive forward the cyber security conversations needed to keep their organisation secure online.”
The launch of the refreshed Toolkit was also welcomed internationally by the NCSC’s partners.
US Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said: “With corporate reputations and revenue on the line – and broader implications for our global security – we must continue to evolve how businesses are prioritizing cybersecurity. That’s why I’m so pleased that our close partners at NCSC are providing updated insight and advice in their latest Board Toolkit.
“Together, we need to catalyse a new model of sustainable cybersecurity that starts with a commitment at the Board level to incentivise a culture of corporate cyber responsibility in which managing cyber risk is treated as a fundamental matter of good governance. The global companies that reside in the US and the UK understand that cybersecurity is a borderless issue. This toolkit will be another valuable resource in helping them take accountability for cybersecurity decisions, ultimately raising the collective cybersecurity baseline for us all.”
The Board Toolkit, first launched in 2019, is designed to help board members, CEOs and senior leaders make informed decisions about cyber risks and adopt a systematic and practical attitude towards cyber security within their organisation.
It outlines the basic safeguards that can greatly reduce the likelihood - and impact – of a cyber attack on an organisation and covers a range of issues across three core topics:
- Creating the right environment so good cyber security practices can flourish
- Getting the right information to support decision making
- Taking steps to manage those risks
The new updates have been implemented following feedback received from industry to help ensure the resource remains up to date and relevant to board members.
The NCSC continues to offer an extensive suite of guidance, products and services for technical leaders in medium to large organisations, including its 10 Steps to Cyber Security, Exercise in a Box and Early Warning.
To view the Cyber Security Toolkit for Boards, click here : www.ncsc.gov.uk/collection/board-toolkit
