NCC Group welcomes National Cyber Security Strategy
The government has launched its National Cyber Security Strategy to 2021, with Chancellor Phillip Hammond providing more details on the £1.9bn investment. The plans set out action needed to protect the UK economy and the privacy of British citizens, while encouraging industry to increase its efforts to prevent cyber attacks.
Commenting on the announcement, Rob Cotton, CEO at NCC Group, said: “We welcome the launch of the new National Cyber Security Strategy, particularly its acknowledgement of the importance of a partnership between Government and industry in order to protect the UK against cyber threats. What we need now is both political and commercial action to turn the words into reality.
“We are in total agreement with the Government that it is up to businesses to address basic vulnerabilities and keep their networks secure, but we must acknowledge that there is no such thing as being 100 per cent secure. What really matters is resilience: the ability to detect and respond to attacks in the appropriate manner.
“The Government has stated that organisational culture change is still needed as behaviour has not yet changed to the extent needed. We strongly agree with this assertion. There is a considerable need for improved governance and senior sponsorship of cyber security. Each company board must take ownership of the risk. Cyber security isn’t something that should just sit with the risk and audit committees, where it will become an exercise in compliance.
“NCC Group is taking the lead here, having set up a dedicated Cyber Security Committee. It is led by a senior independent non-executive director, and I personally sit on the committee alongside the Group’s other non-executive directors. We assess the performance of the Group’s internal security and defences and report back on a monthly basis. We are the first listed company to have a Cyber Security Committee at a board level and we urge other listed companies to do the same.
“Another strategic issue is the skills gap. Cyber security skills are desperately needed across government and the private sector. We need to get education right to deliver a healthy pipeline of talent, both to keep the country secure and to take advantage of the significant growth potential of this industry. We also need to keep incentivising investment in skills, talent and technologies so we are able to keep pace with other nations and cyber criminals.
“Finally, we should not forget about EU regulations on the horizon, such as GDPR and the NIS Directive. Cyber security is cross-border so international collaboration is key. We urge the Government to retain the UK’s world leadership position as shown by this strategy and adopt stringent standards to help keep businesses and consumers secure.”
Published date:  01 November 2016