Reacting to today’s announcement that organisations will have to meet a rigorous new cyber security ‘kitemark’ if they want to work with the UK government, KPMG’s head of cyber security says the move will be welcomed by business, but only if the standard is pragmatic.
Malcolm Marshall comments: “The government isn’t afraid to be at the forefront of mandating cyber security standards in procurement. It’s fair to say that organisational cyber security standards are keenly awaited by the security community and by business at large, but to work effectively they must be pragmatic and recognise the challenges of smaller firms trying to raise their cyber security game.
“It will go some way towards bolstering UK plc’s cyber defences, yet the more advanced businesses recognise that standards are not a substitute for a genuine board-level debate on the threat posed to today’s firms. It is also worth reminding ourselves that commerce in cyber space is global, and that any UK standard must build on recognised international approaches, with a weather eye on US initiatives. We need to resist the temptation of the UK ploughing its own furrow.
“The recent FTSE 350 cyber health check also showed that we have a way to go in raising awareness in the boardroom, helping executives understand the cyber threat and make sensible investment decisions to protect their business. The Cyber Security Information Sharing Partnership is a good start. It is important that businesses and government see it as just that, the first step towards frank and timely sharing of information on the rapidly changing cyber threat.”