The government has warned the UK’s top businesses are ill-prepared for the growing risk posed by cyber-attacks, with a new study finding one in ten operate without a response plan for an incident.
The government’s annual ‘Cyber Health Check’ study, published on Monday, found one in ten FTSE 350 companies have no response plan for a cyber-attack, while two-thirds (68 percent) of companies boards had received no training for how to deal with an incident.
That’s in spite of the fact that more than half (54 percent) said Internet-borne threats were a top risk to their business.
Minister for digital Matthew Hancock said the recent attacks had been “devastating” and showed the risks of failing to make adequate preparations.
“These new reports show we have a long way to go until all our organisations are adopting best practice,” he stated.
He urged organisations to take up advice and training offered by the government and the National Cyber Security Centre (NCSC), GCHQ’s cyber-security arm.
What mobile network are you using?
The study found more than half of company boards (53 percent) are now setting out their approach to cyber risks, up from 33 percent a year ago, while more than half of businesses (57 percent) had a clear understanding of the impact of a cyber attack, up from 49 percent.
Separate figures found staff at charities were not well informed about cyber risks, while those in charge of computer security were often relying on outsourced IT providers to deal with threats.
“Charities have lots of competing priorities but the potential damage of a cyber-attack is too serious to ignore,” stated Helen Stephenson, chief executive at the Charity Commission for England and Wales.
A recent study by Lloyds of London found a cyber attack could cause £40bn of damage worldwide.
Do you know all about security in 2017? Try our quiz!