The government has set up a review to see what steps, including incentives and regulations,will encourage the leaders of UK organisations to take cyber-security seriously and budget accordingly. Today Digital Minister Matt Warman MP launched a call for evidence from across the industry as part of the Cyber Security Incentives and Regulation Review 2020.
The review document notes how in its DCMS FTSE 350 Cyber Governance Health Check 2018, it found 14 FTSE 350 companies had NO cyber-security strategy, less than half (46 percent) had a dedicated cyber-security budget and 43 percent didn’t have a cyber-incident response plan that they test on a regular basis. Just as shocking, over three quarters (77 percent) failed to recognise the cyber-risk across their diverse supply chains.
The stated aims of the review are to:
understand the barriers which prevent organisations from improving their cyber-security;
understand the effectiveness of existing regulations and guidance including GDPR and NIS; and
develop a range of policy proposals to address any gaps.
It is particularly looking for information and data on the barriers to taking action on cyber-security, the information which would help organisations invest in cyber-security, and what more organisations and government could do to stimulate more effective cyber-risk management.
In his official statement Warman said: "Good cyber-security is an absolute necessity but recent research shows less than a fifth of company boards understand the impact associated with cyber-threat. I hope this review will encourage the industry to think about what government could do to help and what incentives might encourage firms and businesses to manage their cyber-risk.
"We welcome input from all types of organisations in all sectors, especially organisations that influence and set market expectations, such as membership bodies, consultancies, auditors, insurers, investors, corporate and risk governance bodies, regulators and professional associations.
The call for evidence is open until Friday 20 December 2019.