Tech firms petitions UK government to take action on making cyber security compulsory for businesses
With 70% of businesses having no form of formal cybersecurity, tech company Evaris wants the UK government to make protection mandatory.
With the number of cybersecurity attacks on the rise and 43% of firms being targeted in the past 12 months, one tech business is petitioning to make online protection mandatory.
IT security specialist Evaris is lobbying for the UK government to make it a legal requirement for companies with up to 250 employees to sign up to an existing Cyber Essentials certification scheme, while larger businesses would need to meet more comprehensive cybersecurity requirements.
The Manchester-based firm claims cybercrime cost UK companies £21bn and only 27% of businesses have a formal cybersecurity policy in place.
Terry Saliba, solutions architect at Evaris, said: “Data shows that more than four in ten businesses experienced a cybersecurity breach in the past 12 months, and these are becoming increasingly sophisticated and costly for businesses across all industries.
“Unfortunately, we still see that many firms are failing to understand the extent of this issue, and so we believe this petition is vital for establishing a compulsory baseline adhered to by all businesses.”
How vulnerable are businesses to a cyber attack?
Large companies report being victims of 12 cyber-attacks per year, while medium-sized firms average six.
With the number of IoT devices in offices increasing, their unique vulnerabilities are also increasingly being exploited.
The global average cost of a data breach to an organisation was calculated to be $3.86m (£3.1m) by IBM and The Ponemon Institute.
This also has knock-on effects for customers as the Internet Society’s Cost of Cybercrime report last year found the annual cost of cybercrime to UK citizens is £3.1bn.
The National Cyber Security Centre is a government agency that provides advice for the public and private sector on how to avoid cybersecurity threats.
It runs the Cyber Essentials scheme, which gives businesses advice on avoiding the most common cyber threats.
The requirements for being certified under the Cyber Essentials scheme includes firewalls, secure configuration, user access control and malware protection.
The Cyber Essentials Plus programme requires an independent assessment of a business’ cybersecurity controls.
Evaris wants these programmes to be compulsory for businesses, with several industry bodies supporting the tech company’s calls.
Vince Warrington, CEO of cybersecurity firm Protective Intelligence, said: “I’m supporting the petition because I’ve had to deal with the consequences of cyber-attacks and seen the destruction they can cause.
“At the moment, far too many companies still see cybersecurity as a ‘nice to have’ option, rather than an essential part of everyday business.
“But cyber-attacks are not going to simply disappear – the criminals behind them will target your business if you haven’t taken even the most basic steps to keep them out.
“By driving all companies to adopt Cyber Essentials, the government can not only create a good level of basic cyber hygiene across UK firms, but also create a regular flow of cybersecurity businesses that can bring on board new staff and train them up – helping to reduce the predicted shortfall in qualified cybersecurity experts that the country will need in the decades to come.”
To sign the petition, click here.
Industry: Cyber Security News
- CONTRACT SOC Manager. London / Birmingham. URGENT Immediate role.
REF7847 Contract SOC Manager. SC cleared, London / Birmingham. Initial 3 month Contract. SOC Manager needed to for an URGENT 3-4 month CONTRACT. SC clearance is essential. The project is to aid in the setup, implementation and management of resources to help with the initial stand up stages of a new SOC within a greenfield site. This is a short term contract role whilst a permanent hire is brought on over the coming 3 to 4 months. Experience engaging with and managing client stakeholder relationships as well as 3rd party relationships is critical. The role will involve; setting up, implementing and fine tuning the various initial stages of a SOC environment. Experience establishing and building out technical process / operational capability, managing of technical teams (analysts, engineers and architects, creation of policy / playbooks, fine turning is key. SPLUNK is the tooling of choice… Interviewing immediately. Set up a call with me today on https://calendly.com/chris-holt/arranged-call-with-chris-holt-remote-soc-role Direct contact details Chris.Holt@dclsearch.com or 07884666351
- SPLUNK Level 3 SOC Consultant, SIEM Splunk, London / Birmingham
REF CH7825 Level 3 SOC Consultant, SIEM Splunk, London / Birmingham £55,000 + Level 3 SOC Consultant, SIEM SPLUNK needed. Security Clearance. Permanent role Level 3 SOC Consultant, SIEM SPLUNK needed to join a public sector client. The ability to achieve SC clearance is essential. MUST have experience working with SPLUNK ideally to an Advanced Power User level. Splunk Enterprise Security (ES) knowledge and hands on experience highly desirable. The role will include, but not be limited to; managing and handling incidents end to end, supporting and mentoring level 1 / level 2 staff, supporting the SOC manager in the delivery of the SOC roadmap, engaging with the client stakeholders (other technical teams) as and where needed, use case development, advanced search and reporting etc. The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) This is a permanent role To arrange a call with Chris Holt use this calendy link https://calendly.com/chris-holt/arranged-call-with-chris-holt-remote-soc-role Chris.Holt@dclsearch.com
- Aspiring Cyber Partner. Business lead, market maker.
Aspiring Cyber Partner (management consultancy) with Cyber specialism into Healthcare, Utilities and or Public Sector. Working with new and existing clients to help them solve, transform or evolve their cyber capabilities. MUST have; A proven management consultancy background in cyber. A history of identifying and closing new business opportunities. Currently Revenue generating / must be able to demonstrate recent wins. Client facing to board level with international businesses. Team leadership / mentoring experience. Extensive cyber industry experience. Digital transformation, Start-up environments etc. Experienced presenter at industry events, to be the public face of a business / capability. Breadth of knowledge across Cyber security. Service definition / creation. Would consider a senior director with experience delivering the above looking to step up. All conversations kept in confidence. To arrange a discreet call book a time to speak in my diary via https://calendly.com/chris-holt/cyber-partner-call Chris.Holt@dclsearch.com
- Internal Security Auditor, Level 1 Service Provider (ISO27001)
- Upto 65,000 plus benefits
Internal Security Auditor ISO 27001, PCI, needed to join a Cyber team within this expanding Fintech business. The Internal Security Auditor will have end to end responsibility for planning, delivering, remediating any findings etc. Experience working within financial services is highly desirable. This Is a great time to join a newly formed and growing Cyber team within a rapidly expanding fintech, that is taking a major share of its market. We are looking for someone with experience, (but not to be limited to) a mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling etc. ISO 22301, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. Experience taking a company through accreditation is highly desirable Experience managing internal stakeholders, technical teams and external third parties essential Flexible working, but with the ability to get into London. This is an exclusive role to DCL Search & Selection.