ALMOST 70 PER CENT of company directors have no training in responding to cyber attacks, according to a survey of 105 businesses in the FTSE 350.
The figure is especially surprising considering other findings of the Cyber Governance Health Check: namely, that 54 per cent of Boards consider cyber as a top risk, and 57 per cent have 'a clear understanding' of the potential impact of a cyber incident.
The survey results also reveal that one in 10 directors have no plans in place to respond to a cyber security incident.
Jon Geater, CTO of Thales e-Security, commented: "The results of this latest government survey are not altogether surprising but they are rather concerning given the recent proliferation of data breaches and cyber attacks.
"Awareness among executives is now absolutely critical in today's digital age. While educating and upskilling every executive would be a Sisyphean task, every business needs C-Level functional leaders to take responsibility for keeping the business running in these difficult circumstances."
On a positive note, a third of respondents said that they regularly made investments based on their cyber security, up from just eight per cent in 2014; and, for the first time, more Boards (50 per cent) said that they review and challenge reports on the security of their customer data than those who do not (46 per cent).
This data is a valuable target for hackers, and its management will be crucial for GDPR compliance.
"In order for companies to prevent the sensitive data from falling into the hands of a malicious hacker, and becoming tomorrow's headlines, boardrooms need to ensure that cyber and data security feature prominently on their day-to-day agendas," said Geater.
Digital Minister Matthew Hancock said: "We have world-leading businesses and a thriving charity sector but recent cyber attacks have shown the devastating effects of not getting our approach to cyber security right.
"These new reports show we have a long way to go until all our organisations are adopting best practice and I urge all senior executives to work with the National Cyber Security Centre and take up the Government's advice and training.
"Charities must do better to protect the sensitive data they hold and I encourage them to access a tailored programme of support we are developing alongside the Charity Commission and the National Cyber Security Centre." µ
The best of the rest of the week
Amazon is going big on AI for Christmas
But you still can't deactivate Samsung's divisive AI assistant