Business leaders urged to step up response to cyber threats
Submit Articles Back to Articles
Issued 05 September 2012 - BIS GCHQ
Currently, too few company chief executives and chairs take a direct
interest in protecting their businesses from cyber threats.
The UK’s most senior business leaders are getting new advice on how to
better tackle the growing cyber threats to their companies.
So now, for the first time, the Government and intelligence agencies
are directly targeting the most senior levels in the UK’s largest
companies and providing them with advice on how to safeguard their most
valuable assets, such as personal data, online services and
Today, the Government is launching Cyber Security Guidance
for Business at an event attended by FTSE 100 CEOs and
Chairs, Ministers from the Department for Business, Innovation and
Skills (BIS), Foreign Office, Cabinet Office, Home Office and senior
figures from the intelligence agencies.
Business Secretary Vince Cable said:
“Cyber security threats pose a real and significant risk to UK business
by targeting valuable assets such as data and intellectual property. By
properly protecting themselves against attacks companies are protecting
their bottom line.
“Ensuring this happens should be the responsibility of any chief
executive or chair as part of an approach to good corporate governance
which secures a business for the long-term.”
Foreign Secretary William Hague, as Minister responsible for the
Government Communications Headquarters (GCHQ), said:
“The UK is committed to building a secure, resilient, open and trusted
internet. We are working with partners across the globe to ensure this
vision becomes a reality.
“A networked world brings many advantages. But cyberspace – and
cybercrime – knows no borders. Businesses must be alert to the dangers.
Drawing on GCHQ’s experience and working with industry the Government
is committed to helping reduce vulnerability to attacks and ensure that
the UK is the safest place in the world to do business.”
Home Secretary Theresa May said:
“Cyber crime is a serious problem which affects businesses of all sizes
and can have devastating consequences.
“That is why we have funded the expansion of the Police Central e-Crime
Unit in the Metropolitan Police and SOCA’s Cyber Unit, and established
three regional cyber specialist hubs to help combat the threat. We will
build on this by introducing a dedicated cyber crime unit in the new
National Crime Agency.”
The new guidance, produced by the CESG (the Information Security arm of
GCHQ), BIS and the Centre for the Protection of National Infrastructure
(CPNI), will help the private sector minimise the risks to company
The guidance builds on a key objective within the Government’s Cyber
Security Strategy to work hand in hand with industry and make the UK
one of the most secure places in the world to do online business.
Cyber Security Guidance for Business consists of
• The first product is aimed at senior executives.
It offers some high level questions which we believe will assist and
support them to determine their critical information assets, support
them in their strategic level risk discussions and help them ensure
that they have the right safeguards and cultures in place
• The second product is an Executive Companion
which discusses how Cyber Security is one of the biggest challenges
that business and the wider UK economy face today. It offers guidance
for business on how together we can make the UK's networks more
resilient and protect key information assets against cyber threats. The
document focuses around key points of risk management and corporate
governance and includes some anonymous case studies based on real events
• The third product supports the Executive
Companion and provides more detailed cyber security information and
advice for 10 critical areas (covering both technical and
process/cultural areas). If implemented as a set it can substantially
reduce the cyber risk by helping to prevent or deter the majority of
types of attacks. For each of these 10 areas, we have summarised the
issue, outlined the potential risks and provided some practical
measures and advice to reduce these risks. The material integrates the
"Top 20 Critical Controls for Effective Cyber Defence" as endorsed by
CPNI. These controls provide further detailed guidance.
1. Copies of Cyber Security Guidance for Business
are available at the following link: http://www.bis.gov.uk/policies/business-sectors/cyber-security/downloads.
2. The UK Cyber Security Strategy can be viewed at the following link: http://www.cabinetoffice.gov.uk/resource-library/cyber-security-strategy.
3. The guidance builds on comments by the Foreign Secretary at the end
of the London Conference for Cyberspace (2nd
November 2011), in which he emphasised that cyberspace must be secure
and reliable so that it is trusted for online business, and that
innovators are confident that their discoveries will be appropriately
protected. Another theme was the importance of government and industry
taking a shared responsibility towards the prevention of cyber crime: http://www.fco.gov.uk/en/news/latest-news/?view=Speech&id=685672482.
4. The guidance also builds on comments made by Minister of State,
David Willetts in an interview to Business Technology, following the
selection of eight UK universities as Centres of Excellence to counter
cyber attacks (8 April 2012). In this article he emphasised the need
for Government and industry to work together to handle the wide range
of cyber security threats: http://biztechreport.co.uk/2012/04/getting-serious-about-security/.
5. In a speech to the
International Institute for Strategic Studies on 12 October 2010, Director
GCHQ, Iain Lobban, discussed how getting cyber right enables
the UK's continuing economic prosperity. He also commented on the
expertise that GCHQ can offer to help shape the UK’s response to the
cyber security threat: http://www.gchq.gov.uk/Press/Pages/IISS-CyberSpeech.aspx.
6. For more
advice on Cyber
Security – In the first
instance businesses should approach their own professional services
provider. If required, Cyber Security Guidance
for Business provides a BIS email box for
referrals. Further detailed advice on cyber security
(as well as physical and personnel measures) is available via the CPNI
7. The Budapest Conference
- following on from the
London Conference on Cyberspace in November 2011 - will be held in
October 2012 and will further develop the key issues around the secure
use of cyberspace that were identified in London.
8. GCHQ press office can be contacted on email@example.com
or 01242 221491 extension 33847.
• 2 billion internet users world wide
• The internet accounts for 3.4 per cent of GDP in the top 13
• The internet also accounts for 21 per cent of GDP growth in the last
5 years in mature countries
• The internet provides 2.6 jobs created for 1 job lost
• 75 per cent of Internet impact arises from traditional industries
• 10 per cent increase in productivity for small and medium businesses
from internet usage
• Small and medium businesses heavily using web technologies grow and
export as twice much as others.
10. The Government's economic policy objective is to achieve 'strong,
sustainable and balanced growth that is more evenly shared across the
country and between industries.' It set four ambitions in the ‘Plan
for Growth’ (PDF 1.7MB), published at Budget 2011:
• To create the most competitive tax system in the G20
• To make the UK the best place in Europe to start, finance and grow a
• To encourage investment and exports as a route to a more balanced
• To create a more educated workforce that is the most flexible in
Work is underway across Government to achieve these ambitions,
including progress on more than 250 measures as part of the Growth
Review. Developing an Industrial Strategy gives new impetus to this
work by providing businesses, investors and the public with more
clarity about the long-term direction in which the Government wants the
economy to travel.
About the Author
© Crown Copyright. Material taken from the BIS Department for Business, Innovation and Skills. Reproduced under the terms and conditions of the Click-Use Licence.
Follow us @Scopulus_News
Article Published/Sorted/Amended on Scopulus 2012-09-13 09:08:46 in Computer Articles