Most FTSE 350 companies have not acted on or even viewed Government’s cyber security guidance

Almost half (47%) of the company secretaries at the 53 FTSE 350 businesses that responded to the survey said their board had not discussed the Government’s guidance, whilst a further 28% said that their board had not seen it.

The survey was undertaken on behalf of the Financial Times (FT) and the Institute of Chartered Secretaries and Administrators (ICSA). The results of the survey have been detailed in the third FT-ICSA Boardroom Bellwether report. (16-page / 1.42MB PDF)

Last year the Department for Business, Innovation and Skills (BIS), the Centre for the Protection of National Infrastructure and UK intelligence agency GCHQ produced joint new guidelines on cyber security. The guidance included ten steps that businesses can take to reduce cyber risks.

However, according to the report, just 13% of FTSE 350 boards have discussed the Government’s cyber security guidelines and acted upon them. A further 8% said they had discussed the guidelines but not acted on them. The remainder of the respondents (4%) said that the guidance was not applicable to their company.

SOURCE: out-law.com