Almost 70% of Britain's top business leaders have received no training in how to respond to a cyber attack, a new government report has revealed.
The figures come from the Cyber Governance Health Check, an annual report carried out by the Department for Digital, Culture, Media and Sport (DCMS) to assess the level of cyber security within FTSE 350 companies.
The results showed that out of Britain's top 350 businesses, 10% operate with no cyber incident response plan whatsoever, while two-thirds of boards are not kept updated with cyber security risk information. This is despite more than half of those surveyed identifying cyber security as a top business risk.
"We have world leading businesses and a thriving charity sector but recent cyber attacks have shown the devastating effects of not getting our approach to cyber security right," said minister for digital Matt Hancock.
"These new reports show we have a long way to go until all our organisations are adopting best practice and I urge all senior executives to work with the National Cyber Security Centre and take up the Government's advice and training."
Board-level awareness of the importance of cybersecurity has risen by almost 10% compared to last year's report, but experts have warned that without the confidence to get hands-on in the aftermath of a breach, board members may be putting their businesses at risk.
"While cyber security has cemented itself onto the board's agenda, they often lack the training to deal with incidents. This is hugely important as knowing how to deal confidently with an incident in the heat of the moment can save time and money," said KPMG's UK head of cyber security, Paul Taylor. "The aftermath of a cyber-attack, without the appropriate training in managing the issue, can result in reputational damage, litigation and blunt competitive edge."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Adam Shepherd has been a technology journalist since 2015, covering everything from cloud storage and security, to smartphones and servers. Over the course of his career, he’s seen the spread of 5G, the growing ubiquity of wireless devices, and the start of the connected revolution. He’s also been to more trade shows and technology conferences than he cares to count.
Adam is an avid follower of the latest hardware innovations, and he is never happier than when tinkering with complex network configurations, or exploring a new Linux distro. He was also previously a co-host on the ITPro Podcast, where he was often found ranting about his love of strange gadgets, his disdain for Windows Mobile, and everything in between.
You can find Adam tweeting about enterprise technology (or more often bad jokes) @AdamShepherUK.