The UK’s top firms and charities “urgently” need to improve their ability to respond to online attacks, the Government has warned.
A Government survey of the FTSE 350 has revealed 68% of board members have not been trained to deal with cybersecurity incidents, potentially leaving their businesses in danger.
More than half of board members recognise that cyber threats are a top risk to their business but 69% of them still do not receive comprehensive information on that risk.
The Government is urging businesses to collaborate with the National Cyber Security Centre to develop methods to protect themselves from the economic effects of a successful cyberattack.
Matt Hancock MP, the minister for digital, said that recent incidents had shown “the devastating effects of not getting our approach to cyber security right” and added that the UK has “a long way to go until all our organisations are adopting best practice”.
Firms involved in energy, transport and health are now also facing multimillion-pound fines under proposals which will require them to have strong cybersecurity measures in place.
The suggested fines are aimed at preventing hackers from crippling networks, as happened earlier in the summer with NHS systems.
These measures will include monitoring threats and detecting attacks, good staff training, and having quick recovery systems in place.
In 2015, TalkTalk claimed that it had experienced a “significant and sustained cyberattack”, although an investigation into the incident found that a rudimentary security vulnerability was responsible.
Its share price tumbled following the attack and has still not recovered. Its reputation was damaged even further when the company was handed a record fine by the data watchdog for lapse security practices.