DPO.Business News and Blogs

5 March 2019

2018 UK FTSE 350 Cyber Governance Health Check.

The 2018 cyber governance health check of the UK's 350 top businesses, released March 2019, suggests:

  1. 72% of boards consider their cyber risk is high or very high, compared with 54% in 2017.
  2. Only 12% of boards had a comprehensive understanding of their critical assets.
  3. Only 16% of boards understood the potential impact of cyber events.
  4. The boards that had a better understanding of cyber threats had more extensive cyber governance practices.
  5. 71% of boards receive up-to-date and robust updates. Only 53% thought it was comprehensive.
  6. That 53% increased to 72% where the CISO reported directly to the board. There was no mention of the DPO and their impact on personal data security!
  7. 96% had a cyber security strategy; 88% had strategies that were challenged by the board. 60% had an agreed risk appetite. 46% had a dedicated budget to deliver the strategy.
  8. 77% said boards were more engaged on cyber security due to GDPR, while over 50% had increased security measures as a result.
  9. 73% of boards use advice from the Government, with 53% using the NCSC 10 Steps to Cyber Security.
  10. 95% had a cyber incident response plan, but only 57% tested the plan on a regular basis. 1 in 4 had engaged external resource to assess the plan, and 1 in 5 had run a crisis simulation.
  11. 73% recognise the risk from third parties, but only 23% recognised the risk from parties that are further down the supply chain.

Would you benefit from specialist support to enhance your cyber strategy? Visit DataGRC.co.uk, our security and privacy advisory business, for more information.

See the best data protection, privacy and security news...

190305 FTSE 350 Cyber Health Check
181130 Marriott data breach - 500m customers
181126 ICO fines Uber £385k; Dutch fine them £532k
181030 DataGRC GDPR article for EyeForTravel - 3 tips for managing data breaches
181029 Portugal fines hospital £400k
181026 DataGRC article for CILEX (lawyer regulator) - GDPR update
181025 BA security breach update 185k avios reward users
181025 Security Breach Cathay Pacific 9.5m Passengers
181024 ICO DPA'98 fines Facebook £500k
181022 High Court holds Morrisons liable for data breach
181009 ICO PECR fine Boost (findmeafuneralplan.com) £90k
181008 ICO DPA'98 fine HAL £120k
181002 ICO PECR unfine STS Commercial £60k
181001 ICO PECR fine Oaklands Assist £60k
181001 FCA fine Tesco Bank £16.4m
180928 ICO DPA'98 fine BUPA £175k
180928 ICO DPA'98 fine Equifax £500k
180907 British Airways data breach 380,000 customers
180815 DataGRC GDPR article for EyeForTravel - 3 hot topic
180427 DataGRC article for CILEX (lawyer regulator) - GDPR overview
180322 DataGRC GDPR article for EyeForTravel - 10 practical recommendations

Articles made publicly available on this website are general information and should never be mistaken for formal or legal advice. If you are seeking formal advice for your specific requirements, please contact our advisory team using the form above.