Cyber Security For Businesses
With the growth in the use of the internet by small and medium sized businesses and
the threat posed to their activities by cyber crime, the Parliamentary Yearbook is, as
part of its ongoing coverage feature of security issues, carrying a major piece in the
next edition on Government and industry’s efforts to increase cyber security.
For the first time, the Government and intelligence agencies are directly targeting the most
senior levels in the UK’s largest companies and providing them with advice on how to
safeguard their most valuable assets, such as personal data, online services and intellectual
There are currently 2 billion internet users worldwide and the internet accounts for 3.4 per
cent of GDP in the top 13 ‘cyber-mature’ countries. The internet also accounts for 21 per
cent of GDP growth in the last 5 years in mature countries and provides 2.6 jobs created for
1 job lost.
75 per cent of Internet impact arises from traditional industries and 10 per cent increase in
productivity for small and medium businesses from internet usage. Small and medium
businesses heavily using web technologies grow and export as twice much as others.
However far too few company chief executives and chairs take a direct interest in protecting
their businesses from cyber threats.
So yesterday the Government launched Cyber Security Guidance for Business at an event
attended by FTSE 100 CEOs and Chairs, Ministers from the Department for Business,
Innovation and Skills (BIS), Foreign Office, Cabinet Office, Home Office and senior figures
from the intelligence agencies.
Business Secretary Vince Cable said:
“Cyber security threats pose a real and significant risk to UK business by targeting valuable
assets such as data and intellectual property. By properly protecting themselves against
attacks companies are protecting their bottom line.
“Ensuring this happens should be the responsibility of any chief executive or chair as part of
an approach to good corporate governance which secures a business for the long-term.”
Foreign Secretary William Hague, as Minister responsible for the Government
Communications Headquarters (GCHQ), said:
“The UK is committed to building a secure, resilient, open and trusted internet. We are
working with partners across the globe to ensure this vision becomes a reality.
“A networked world brings many advantages. But cyberspace – and cybercrime – knows no
borders. Businesses must be alert to the dangers. Drawing on GCHQ’s experience and
working with industry the Government is committed to helping reduce vulnerability to attacks
and ensure that the UK is the safest place in the world to do business.”
Home Secretary Theresa May said:
“Cyber crime is a serious problem which affects businesses of all sizes and can have
“That is why we have funded the expansion of the Police Central e-Crime Unit in the
Metropolitan Police and SOCA’s Cyber Unit, and established three regional cyber specialist
hubs to help combat the threat. We will build on this by introducing a dedicated cyber crime
unit in the new National Crime Agency.”
The new guidance, produced by the CESG (the Information Security arm of GCHQ), BIS and
the Centre for the Protection of National Infrastructure (CPNI), will help the private sector
minimise the risks to company assets.
The guidance builds on a key objective within the Government’s Cyber Security Strategy to
work hand in hand with industry and make the UK one of the most secure places in the world
to do online business.
Cyber Security Guidance for Business consists of three products:
The first product is aimed at senior executives. It offers some high level questions which
we believe will assist and support them to determine their critical information assets,
support them in their strategic level risk discussions and help them ensure that they have
the right safeguards and cultures in place
The second product is an Executive Companion which discusses how Cyber Security is
one of the biggest challenges that business and the wider UK economy face today. It
offers guidance for business on how together we can make the UK's networks more
resilient and protect key information assets against cyber threats. The document focuses
around key points of risk management and corporate governance and includes some
anonymous case studies based on real events
The third product supports the Executive Companion and provides more detailed cyber
security information and advice for 10 critical areas (covering both technical and
process/cultural areas). If implemented as a set it can substantially reduce the cyber risk
by helping to prevent or deter the majority of types of attacks. For each of these 10
areas, we have summarised the issue, outlined the potential risks and provided some
practical measures and advice to reduce these risks. The material integrates the "Top 20
Critical Controls for Effective Cyber Defence" as endorsed by CPNI. These controls
provide further detailed guidance.
The guidance builds on comments by the Foreign Secretary at the end of the London
Conference for Cyberspace (2nd November 2011), in which he emphasised that cyberspace
must be secure and reliable so that it is trusted for online business, and that innovators are
confident that their discoveries will be appropriately protected. Another theme was the
importance of government and industry taking a shared responsibility towards the prevention
of cyber crime
Further news on cyber security will be covered by the Parliamentary Yearbook and there will
be a major feature on the topic in the next edition
6th September 2012