Businesses across the UK have demonstrated time and again their capacity to react to a changing external environment. From COVID-19 to the ongoing global energy crisis, businesses have rapidly adjusted their strategies to adapt.
One of the latest challenges UK businesses are facing is the growing risk associated with operating online and remaining cyber secure. In 2021, 40% of UK businesses reported experiencing a cyber breach or attack. As first featured in the Times the CBI, alongside Steve Barclay (as lead Minister for Cyber Security) has called on businesses to work together and treat cyber security as a core boardroom responsibility; an equal threat to financial and other risks. Cyber attacks recognise no physical or geographical boundary, and cyber criminals thrive on the unwillingness of companies to share their experiences.
While reluctance to share when something goes wrong is completely understandable, cyber security is one area where healthy rivalry of business will not help, and where cooperation and sharing lessons learned, within and between our organisations, will make us all safer, along with the customers and the public that we serve. Companies must stress-test their whole supply chains' cyber security, right down to the smallest partner, because any weakness can be exploited. This isn't hypothetical. The attack on the Colonial Pipeline, which disrupted the lives of millions due to supply shortages, a fuel price spike, petrol stations running dry, was down to the theft of a single password.
This framework will direct you to the National Cyber Security Centre (NCSC) resources that you need to ensure your company has a robust and stress-tested cyber security strategy. Get key actions you can take and read case studies from other businesses with practical ideas to inform your organisation’s approach.
Take a look at the NCSC’s 10 steps to cyber security to stress test and furth