Government has certainly stepped up efforts to protect UK business, starting with the launch of the Cyber Essentials Scheme in 2014, followed by renewed focus on the threat with a £1.9bn investment in a National Cyber Security Strategy and now the establishment of The National Cyber Security Centre (NCSC) in London.
While the NCSC is a great resource for UK businesses, it’s important to remember that companies themselves have an important role to play in their own cyber security plans. It’s not enough to rely on government. Small and mid-market organisations particularly have a lot to lose when it comes to cyber attacks as it’s not necessarily data or records that criminals are after. Ransomware or DDoS attacks can have devastating consequences on revenues, customer trust and reputation.
As a result, UK businesses need to do all they can to ensure they have the most fundamental practices and procedures in place to mitigate risk — whether that is getting Cyber Essentials certified, working with service providers to develop and implement a cyber security strategy, or focus on employee awareness (or, indeed a combination of all of these).