National Cyber Security Centre Publishes Cyber Board Toolkit
Board members need to understand cyber security.
It is a statement that is regularly made about businesses, regardless of the sector or the size of the organisation, without further thought as to how those board members can better understand their organisation’s cyber risk profile. With new regulations in place, such as the General Data Protection Regulation (GDPR), board members now have raised expectations as to their roles and responsibilities.
That is why the National Cyber Security Centre (NCSC) today published a cyber Board Toolkit – made relevant to anyone that is accountable within an organisation, from the Board of Directors or Governors to Trustees and Partners. The Toolkit is also relevant for technical staff and security practitioners, who are able to use the questions in the toolkit to frame discussions with the Board. Through using the Toolkit, board members can know enough about cyber security in order to have a fluent conversation with their cyber practitioners.
The Toolkit provides:
- A general introduction to cyber security
- Separate sections, each dealing with an important aspect of cyber security. For each aspect, we will: explain what it is, and why it's important, recommend what individual Board members should be doing, recommend what the Board should be ensuring your organisation is doing and provide questions and answers which you can use to start crucial discussions with your cyber security experts
3. An Appendix summarising the legal and regulatory aspects of cyber security
Commenting on the publication of the launch, techUK's President Jacqueline de Rojas said:
“A common issue in the UK boardroom has been that cyber is delegated to the IT department and does not rise to the surface as a priority until a breach has occurred. Given that a cyber attack is no longer an 'if' but more likely a 'when', board members need help with guidance on what to protect and how to go about it.
Put together with input from a selection of boards from diverse sectors, this NCSC toolkit is a practical resource for board members and their CISOs. To help identify best practice and better understand how to articulate and discuss cyber investment decisions in the boardroom.
As the threat landscape increases and changes, techUK looks forward to working with the NCSC to promote and extend this guidance. In the event of an incident, boards will be in a position to respond effectively and in many cases take proactive steps to avoid attack on the first place.”
For further information, please visit the NCSC website here
Latest News from
A new tool to combat fake news: and it's not AI24/04/2019 15:38:00
NewsGuard launches in the UK to tackle disinformation and misinformation online using human intelligence.
GCHQ to work closer with industry to share details of cyber incidents24/04/2019 14:05:00
Jeremy Fleming, in speech at CYBERUK, promises to increase collaboration to create an “automated cyber-defence system” across the UK.
The road to a digitally empowered nation24/04/2019 12:05:00
techUK welcomes Government’s plans to boost digital skills for adults.
Welcome to techUK AI Week23/04/2019 14:05:00
Katherine Mayes, Cloud, Data Analytics and AI Programme Manager, welcomes you to techUK's AI week.
Tech Nation chooses 20 companies to join Cyber growth programme18/04/2019 16:25:00
The programme, funded by DCMS, aims to help grow and scale the UK’s most promising cyber scale-ups.
Register now for event aimed at new Defence suppliers18/04/2019 11:25:00
An event focusing on Radio Frequency (RF) is to be held at Cranfield University looking for large non-defence 5G and SDR providers.
Home Secretary sets out new approach to tackling violent crime17/04/2019 11:25:00
techUK’s Justice and Emergency Services Programme Manager, Jessica Russell, yesterday responded to the Home Secretary’s announcement.
techUK response to the ICO’s draft Age Appropriate Design Code17/04/2019 09:15:00
Ben Bradley, Senior Policy Manager at techUK, responds to the ICO’s draft Age Appropriate Design Code.