GCHQ and MI6 have jointly taken the unprecedented step of writing to all FTSE 350 chairmen urging them to take part in a “cyber governance health check”.
According the Financial Times, “The ‘health check’ involves both the chairman of the company and the chair of the company’s audit committee completing a questionnaire intended to assess how well the company handles issues such as protecting intellectual property and safeguarding customer data.”
Over the past few years the threat posed by cybercrime has grown exponentially and businesses, on the whole, have been unable to keep up with the evolving landscape. On an almost weekly basis stories emerge about yet another company to fall foul of a cyberattack – according to The Telegraph, Lakeland has been the most recent high profile victim.
HP’s Richard Archdeacon, Head of Security Strategy at HP Enterprise Security comments: "Here at HP we certainly support and welcome the steps taken by GCHQ and MI5 and agree that organisations need to be ever more vigilant in protecting themselves from cybercrime. HP, in conjunction with the Ponemon Institute found that the average annualised cost of cybercrime for the organisations surveyed in the UK to be £2.1 million per year. Taken in conjunction with the figures presented by The Financial Times/ICSA Boardroom Bellwether survey, this is truly worrisome. Clearly cybercrime has elevated itself from being an issue dealt with by IT to being a board-level concern. This is indicated clearly by the upgrading of cyber security from 12th to 3rd Place on Lloyd's Risk Index List.
There are however steps that businesses can take in order to mitigate the potential fall-out of a breach such as implementing a good defence-in-depth strategy, improving training amongst employees and at a bare minimum, adhering to UK government regulation and compliance standards.
The playing field has changed dramatically in recent years and companies should no longer be asking ‘if’ they will be attacked, but rather ‘when’ they will be."