Responding to the publication, today, of the Government’s ‘Cyber Governance Health Check’ report, KPMG is urging company and audit committee chairmen of the FTSE 350 to prioritise cyber security in the Boardroom.
The call for cyber action comes in the wake of research showing that only 20 percent of large organisations detected that outsiders had successfully penetrated their network in the past 12 months* and that just 21 percent of audit committees are satisfied with the information they receive about cyber security risks*.
Malcolm Marshall, head of information protection and business resilience at KPMG, comments: “Barely a week seems to go by without news of another high profile cyber attack hitting the headlines, making this report all the more timely. It shows the true scale of the threat facing UK plc and reveals just how prepared we are today. The hope must be that it will be used by organisations to track their progress over time.”
The Government’s ‘Cyber Healthcheck’ has succeeded in moving cyber security up the Boardroom agenda, leading one FTSE 350 chairman to tell KPMG that it “has raised the significance of cyber security which the Board is considering and will action”.
Marshall adds: “We found a wide range of Board level views, with some senior executives seeing cyber security as boring, some see it as sexy, others seeing it as over-hyped and still more as a necessary evil. The one consistency is that they are struggling to find the right balance between managing risk and making investments in a world where the threats constantly change.”
At the same time, the Government has announced the outcome of its recent consultation on organisational standards for cyber security and indicated its preferred standard. Marshall concludes: “The Government announcement on organisational standards and their proposed approach is a welcome addition to UK plc’s defences, but the more advanced businesses recognise that complying with a standard is one stop on the journey along the cyber security road, rather than the final destination. There is much more to getting this right than following a standard.”
Mike Petrook, KPMG Press Office
020 7311 5271 (t), 07917 384 576 (m) or email@example.com
Notes to Editors:
* Data from Information Security Breaches Survey (Department for Business Innovation and Skills, 2013) and Global Audit Committee Survey (KPMG, 2013).
KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and operates from 22 offices across the UK with over 11,000 partners and staff. The UK firm recorded a turnover of £1.7 billion in the year ended September 2011. KPMG is a global network of professional firms providing Audit, Tax, and Advisory services. We operate in 152 countries and have 145,000 professionals working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. KPMG International provides no client services.