Tech firms petitions UK government to take action on making cyber security compulsory for businesses
With 70% of businesses having no form of formal cybersecurity, tech company Evaris wants the UK government to make protection mandatory.
With the number of cybersecurity attacks on the rise and 43% of firms being targeted in the past 12 months, one tech business is petitioning to make online protection mandatory.
IT security specialist Evaris is lobbying for the UK government to make it a legal requirement for companies with up to 250 employees to sign up to an existing Cyber Essentials certification scheme, while larger businesses would need to meet more comprehensive cybersecurity requirements.
The Manchester-based firm claims cybercrime cost UK companies £21bn and only 27% of businesses have a formal cybersecurity policy in place.
Terry Saliba, solutions architect at Evaris, said: “Data shows that more than four in ten businesses experienced a cybersecurity breach in the past 12 months, and these are becoming increasingly sophisticated and costly for businesses across all industries.
“Unfortunately, we still see that many firms are failing to understand the extent of this issue, and so we believe this petition is vital for establishing a compulsory baseline adhered to by all businesses.”
How vulnerable are businesses to a cyber attack?
Large companies report being victims of 12 cyber-attacks per year, while medium-sized firms average six.
With the number of IoT devices in offices increasing, their unique vulnerabilities are also increasingly being exploited.
The global average cost of a data breach to an organisation was calculated to be $3.86m (£3.1m) by IBM and The Ponemon Institute.
This also has knock-on effects for customers as the Internet Society’s Cost of Cybercrime report last year found the annual cost of cybercrime to UK citizens is £3.1bn.
The National Cyber Security Centre is a government agency that provides advice for the public and private sector on how to avoid cybersecurity threats.
It runs the Cyber Essentials scheme, which gives businesses advice on avoiding the most common cyber threats.
The requirements for being certified under the Cyber Essentials scheme includes firewalls, secure configuration, user access control and malware protection.
The Cyber Essentials Plus programme requires an independent assessment of a business’ cybersecurity controls.
Evaris wants these programmes to be compulsory for businesses, with several industry bodies supporting the tech company’s calls.
Vince Warrington, CEO of cybersecurity firm Protective Intelligence, said: “I’m supporting the petition because I’ve had to deal with the consequences of cyber-attacks and seen the destruction they can cause.
“At the moment, far too many companies still see cybersecurity as a ‘nice to have’ option, rather than an essential part of everyday business.
“But cyber-attacks are not going to simply disappear – the criminals behind them will target your business if you haven’t taken even the most basic steps to keep them out.
“By driving all companies to adopt Cyber Essentials, the government can not only create a good level of basic cyber hygiene across UK firms, but also create a regular flow of cybersecurity businesses that can bring on board new staff and train them up – helping to reduce the predicted shortfall in qualified cybersecurity experts that the country will need in the decades to come.”
To sign the petition, click here.
Industry: Cyber Security News
- OUTSIDE IR35 Contract- Functional tester- SC clearance Microsoft Windows Server
- Outside IR35 contract
Front End Functional tester with SC clearance needed for an Outside IR35 project. Current valid SC clearance is required Experience with functional testing with exchange, sharepoint, SQL and other applications relating across a windows server Migration to 2019. Must be able to get to Central London 3 days a week. Jira, Wiki documentation and automation experience highly desirable.
- ForgeRock Consultant- UK
- United Kingdom
- Upto £100,000 plus benefits
ForgeRock Consultant/ Architect is require for niche consultancy who are looking to expand their presence within the UK/European Market Looking for a lead IAM architect, ideally with ForgeRock experience but would consider other vendors, But looking for someone who is able to advice and consultant with Clients but have the implementation background so they can get involved in projects as and when needed. Key duties will be: Provider IAM consultancy to clients, with a focus on ForgeRock Product stack ·Responsible for the design and implementation of ForgeRock solutions ·Install and configure ForgeRock stack to meet customer authentication and authorization requirements, ·Design and implement OAuth2 protocol using ForgeRock OpenAM, ·Design and develop OpenAM custom authentication modules, ·Configure ForgeRock stack to protect RESTful API, ·Troubleshoot and support ForgeRock IAM stack. This is a great role to join a niche play as they look to kick of their European expansion
- ForgeRock Consultant- Netherlands
ForgeRock Consultant required for 6 Month Contract This will be a mix of on site and home based, so need people to be based in the Netherlands We are looking for a lead ForgeRock Technical Consultant/ Architect with strong experience of ForgeRock to lead a new deployment project. ·Responsible for the design and implementation of ForgeRock stack ·Install and configure ForgeRock stack to meet customer authentication and authorization requirements, ·Design and implement OAuth2 protocol using ForgeRock OpenAM, ·Design and develop OpenAM custom authentication modules, ·Configure ForgeRock stack to protect RESTful API, ·Troubleshoot and support ForgeRock IAM stack. ·Designed and developed Restful APIs, This is a great project with an expanding leading IAM player within Europe, We are looking for someone with the above experience, who is comfortable hitting the ground running and taking on the reins at the start of a project