The CBI has responded to the Home Affairs Select Committee report on E-crime and cyber security, warning that its proposals to make it mandatory for businesses to report cyber attacks won’t help.
Matthew Fell, CBI Director for Competitive Markets, said: “Cyber attacks are a clear and present danger for businesses, posing financial and reputational risks, so this report is an important reminder to individuals and businesses to take steps to protect themselves.
“Proposals to force businesses to report a cyber attack as soon as it happens when they should instead be focusing on fighting the attack privately could be counterproductive and put them at greater risk.
“Mandatory reporting would also risk cyber security becoming a tick-box regulatory requirement and stifle business-to-business information-sharing.”
To protect against cyber attacks, the CBI is advising that businesses:
* Identify what’s valuable to the organisation and assess the risk
* Ensure the internal processes around staff behaviour are adequate – make everyone accountable
* Make sure technology and software is up to date.