This guidance note, commissioned by the Department of Business, Innovation and Skills and produced by the ICSA, is designed to help boards to understand the risks associated with cyber crime.
The guidance particularly focuses on:
–Issues to address, including identifying potential adversaries
–Conducting comprehensive risk assessments to understand the risks particular to each individual company
–Why cyber risk is different from other kinds of risk
–Actions for the board and audit committee
Companies are advised to be on the ‘front foot’ in terms of preparedness to combat cybercrime, with the board having a firm grasp of the potential risks, to ensure a proportionate, business-wide response.