NCSC urges Business Leaders to take cyber security seriously

Whether you are a small business owner, a sole director or a member of a large corporate’s board, it is essential for you to take a pivotal role in boosting your organisation’s cyber resilience.

Paul Moorby OBE is Managing Director of Chipside Limited, a leading UK tech company based in Brinkworth, which developed the MiPermit parking system.  MiPermit was recognised with a Queen’s Award for Enterprise, Innovation in 2019.  Paul was awarded his OBE in the 2019 New Year’s Honours List for services to promoting UK Technology abroad.  He is also Chair of the Swindon and Wiltshire Local Enterprise Partnership’s Board of Directors.  He commented:

“Cyber Security can be daunting, particularly for those who don’t have access to specialist support.  As a Board Director, it is all too easy to overlook potential cyber threats and concentrate on the financials, legal or growth aspirations of the organisation.  The NSCS guides offer a great platform to work from to help focus on cyber security.

“As Chair of the SWLEP Board, I was delighted to be involved closely with the development of the Business Cyber Centre which was launched with the aim to turn cyber complexity into cyber confidence for businesses.  The introduction of BCC Guardian continues with that aim and will act as a great tool to work alongside corporate or owner responsibilities.”

Directors have defined responsibilities under Section 172 of the Companies Act and must act in the company’s best interests to promote its success, which includes cyber security.

It states that you must consider the:

• consequences of decisions, including the long term
• interests of its employees
• need to support business relationships with suppliers, customers and others
• impact of its operations on the community and environment
• company’s reputation for high standards of business conduct
• need to act fairly to all members of the company

These points are equally relevant to individual small business owners and partnerships.

With nearly all businesses relying on data and technology, business owners should treat cyber risks with the same prominence as financial or legal risks, as cyber-attacks can have severe impacts on an organisation’s ability to operate.

Taking cyber security seriously also builds trust and confidence with customers, suppliers and shareholders or other interested parties.  This is particularly so at a time where risks and threats are becoming increasingly complex as they target ongoing customer supply chains.

Organisations with a healthy security culture are better able to learn from incidents.  It is always preferable to drive improvement and innovation in systems before a security breach occurs.  As well as benefits to productivity it can also lead to greater employee wellbeing and retention.

The NCSC is introducing a range of resources designed to help both SMEs and board members govern cyber risk more effectively.

The Board Toolkit outlines the benefits of cyber security and includes essential activities for the organisation; indicators of success; bite-sized videos summarising key concepts; an executive summary and a podcast with contributions from industry-leading voices.

The Small Business Guide to Cyber Security explains how to improve your cyber security with affordable and practical advice for businesses.  The guide gives information in a variety of media, including a series of videos that introduce the NCSC’s cyber security guidance for small businesses.

Alongside the guides, the NCSC continues to offer an extensive suite of guidance, products and services for technical leaders in medium to large organisations, including its 10 Steps to Cyber Security, Exercise in a Box and Early Warning.

If you would rather discuss how you might improve cyber security for your business or organisation – whatever its size – contact us for more information on the help we can provide.