With the wave of cyber-attacks throughout the world in recent years, one would expect that company bosses would make it their duty to know as much as possible about this threat in order to help protect their businesses.
Not so. Well over two-thirds of firms said that their directors did not have any training in how to respond to a cyber-attack. This is according to the results of a government poll.
Of the 105 companies on the FTSE 350 that took part in the survey, around one in every ten (10%) indicated that they have no formal plans in place to protect their IT systems against an attack by hackers.
Even worse, the Cyber Governance Health Check – a poll that is carried out once a year – revealed that 54% of company boards regarded the possibility of the integrated computer systems being hacked as one of the biggest threats to their firms.
Despite this, nearly 68% of them have never received any professional training in what to do in the case of their company being hit by a hacking attack.
There is some light at the end of the tunnel though: the poll found that there has at least been some progress in this regard, with around 31% of boards this year indicating that they have received in-depth information regarding security threats to the company’s computer systems. This compares well with the 21% of the 2015/16 survey.
Digital Minister Matthew Hancock said that the NHS attack that took place in May this year underscored the “devastating effect” that a security breach could have.
He appealed to businesses to get training and/or advice from the National Cyber Security Centre.
Hancock concluded by saying: “We have a long way to go until all our organisations are adopting best practice."