Almost three quarters (71 per cent) of all boards of directors in the UK would love to see companies penalised for not complying with the most basic cybersecurity requirements. This is according to a new poll by cybersecurity firm NCC Group. Even more (77 per cent) believe regulators should be tougher on companies that are discovered to have poor cybersecurity.
The report, entitled ‘Elephant in the Bedroom’ is based on a poll of 200 board directors in UK organisations with 500 employees, or more.
“Cyber security is the greatest risk facing modern business,” says NCC Group’s CEO, Rob Cotton.
“For years it hasn’t been taken seriously enough in boardrooms across the country and while these results don’t prove that it’s now being managed appropriately, they do show that directors are realising that greater scrutiny and oversight from regulators and government will stimulate the necessary action and help drive-up standards. This can only be a good thing for businesses and consumers alike.”
The report also claims almost half (48 per cent) see cybersecurity as a bigger issue than market volatility. Many positive changes have been made, but they’re insufficient, Cotton added.
“We work with thousands of organisations and see up close how they manage cyber risk. Only the most mature have true board-level ownership and focus their efforts on resilience – knowing that attacks will happen and prepare accordingly. Too many companies are still adopting an ‘it won’t happen to us’ attitude and passing the risk to the IT department or outsourcing it to third parties. That could amount to negligence.”
Image source: Shutterstock/deepadesigns