According to a Freedom of Information Request by USA based company Corero Network Security, there are more than a third of ‘critical infrastructure organisations’ in the UK who are not meeting basic cyber security requirements.

This comes as an alarming warning when television, internet and paper based journalism seems to be covering at least one story per week in relation to cyber security attacks. Although information as to how businesses should be protecting themselves is more freely available and a rise in fines for companies who fail to comply with cyber security requirements legislation is well known, it seems that businesses are still struggling to take heed.

In March 2017, 338 UK organisations including Police Forces, Fire Rescue Services, the NHS, energy suppliers and transportation services were all approached by cyber security specialist company, CORERO to confirm their completion of the 10 steps cyber security programme produced and issued by the UK National Cyber Security Centre.

Of those organisations approached, only 163 responded and 63 admitted that they had not completed the programme.

Launched in 2015 and updated in 2016, the 10 step programme covers the following requirements in order that organisations can ensure that they are operating safely in terms of cyber security requirements.

The 10 Step Programme to adhere to Cyber Security Requirements:

  1. Risk Management Regime
  2. Network Security
  3. Education & Awareness
  4. Malware Prevention
  5. Removable Media Controls
  6. Secure Configuration
  7. Managing User Privileges
  8. Incident Management
  9. Monitoring
  10. Home & Mobile Working

In light of the recent NHS security breach which saw a number of NHS trust computers brought down by the WannaCry cyber-attack in May 2017 and with fines now being issued by the National Security Centre of a value of up to £17,000,000, it is evident that there is still a significant amount of work that needs to be done in educating organisations and business so that they prioritise cyber security.

Is your organisation protected against a cyber security threat? To find out whether you can stay protected with cyber security requirements insurance, please feel free to answer our online cyber security questionnaire or contact one of our online cyber security team to ensure that you and your company stays safe.

Blogs used to write this article: