The Department for Business, Innovation and Skills in the UK recently released the findings from their Cyber Governance Health Check of FTSE 350 Companies, the largest companies in the UK. The survey reveals that most of UK's top companies are not taking cyber risks seriously in their decision making, which was a surprising result.
According to the survey, only 14% of FTSE 350 companies are regularly considering cyber threats, with a significant number not receiving any intelligence about cyber criminals. Science Minister David Willetts is working with businesses to encourage cyber security to be a board-level responsibility; currently, 62% of companies think their boards take cyber risks seriously.
With UK's top companies having access to a great deal of personal data, not to mention sensitive corporate data, it is troubling that only 60% understand what their key information and data assets are. Without understanding of data assets, it's difficult to set a plan in place to protect it - on network, in cloud or on endpoints.
The government is currently working on an official cyber standard to help encourage stronger cyber practices; it is expected to launch in early 2014.