Joint Blog by Shevaun Haviland CBE, Director General of the BCC, and Baroness Lloyd CBE, Minister for Digital Economy:
Almost all businesses are dependent on technology and access to their digital systems to create value and maintain operations. The growing adoption of emerging technologies, such as Artificial Intelligence, has the power to drive huge benefits for businesses. However, increased digitisation also brings new complex threats that cyber criminals are seeking to exploit.
Hostile activity in UK cyberspace has increased in frequency, sophistication and intensity. The National Cyber Security Centre (NCSC) has warned that it is the new normal that cyber criminals will target organisations of all sizes and in any sector, from local coffee shops to providers of critical national infrastructure. Within the last year alone, it is estimated that 600,000 businesses have suffered a cyber breach or attack.
The government has taken action to combat this threat by introducing the Cyber Security and Resilience Bill. The Bill will strengthen national security and protect growth by boosting cyber protections for the essentials services that people and businesses rely on every day.
For all businesses, including those outside the scope of the Cyber Security and Resilience Bill, being resilient to cyber threats has never been more important. Cyber security incidents, such as data breaches or ransomware infections, can have a huge impact on organisations; in terms of higher costs, lower productivity, reputational damage and loss of customers. Being prepared to detect and quickly respond to incidents can reduce the financial and operational impact. Minister Lloyd of the Department for Science, Innovation and Technology recently stated that “resilience starts with preparation” and that “business leaders should ensure they have a robust incident response plan in place, which has been tested within the last year.”
Now is the time to act.
The organisations that handle cyber incidents best are the ones that have rehearsed them. It is vital that every business is prepared.
The British Chambers of Commerce and the UK Government are jointly calling on all businesses to take the following steps:
- Use the Cyber Governance Code of Practice: this resource sets out the fundamental actions to govern cyber risk effectively, including developing and testing incident response plans and creating a cyber security culture.
- Sign up to the NCSC’s early warning service: this free service informs your business of potential cyber attacks on your network
- Adopt Cyber Essentials and require it in your whole supply chain: Cyber Essentials is the minimum cyber security standard that businesses should have and prevents the majority of common attacks.
Taking these steps will boost your business’s resilience to cyber threats, providing stronger protections, reducing your risk, and supporting growth.