As cyber-attacks become more frequent, business leaders in the UK are being advised to take immediate action to safeguard their companies from online threats
A new set of guidelines, released today, provides a complete framework for directors and company boards to strengthen their cybersecurity measures, ensuring their businesses remain resilient and secure as they continue to grow.
Protecting businesses from cybercrime
The new guidance, known as the Cyber Governance Code of Practice, is part of the government’s ongoing effort to help businesses protect themselves from the growing risks of cybercrime.
It outlines clear steps for organisations to follow to secure their operations, protect sensitive data, and maintain continuity in the face of potential cyber threats. The measures also hope to protect the wider UK economy, which heavily relies on the digital services sector for growth.
The key focus of the Code is on developing robust cybersecurity strategies. One of the main actions recommended is implementing a formal cyber risk management plan that supports business resilience. This plan should help businesses prepare for potential attacks and reduce the impact of these incidents when they occur.
Putting the Cyber Governance Code of Practice into practice
The Code also highlights the importance of fostering a cyber-secure culture within organisations. It stresses that employees at all levels should be educated on potential cyber risks and know how to spot and report threats. Additionally, the guidelines urge businesses to implement clear incident response plans, enabling them to act quickly if a cyberattack occurs.
Cyber threats are a significant concern for UK businesses. According to recent statistics, 74% of large and 70% of medium-sized companies experienced cyber attacks and data breaches over the past year.
These attacks cost the UK economy nearly £22 billion annually between 2015 and 2019, affecting daily operations and long-term reputations.
Despite this, many businesses are underprepared. A third of large organisations still lack a formal cyber strategy, and nearly half of medium-sized firms do not have an incident response plan.
The newly released Code of Practice aims to address these gaps and guide business leaders on the necessary steps to reduce their exposure to cyber risks. By following the recommendations, companies can better protect themselves, their workers, and their customers from the potentially devastating effects of cyberattacks.
This initiative has received widespread support from UK industries, with organisations like the Institute of Directors and EY endorsing the Code’s launch. Industry leaders have emphasised that cyber security is not just an IT issue but a critical business concern that must be addressed at the board level. Cyber security is now seen as essential for driving growth, ensuring resilience, and protecting long-term business success.
Implementing cybersecurity guidelines
Alongside the Cyber Governance Code, businesses will have access to various resources to help them implement the guidelines.
These include online training modules, a detailed Board Toolkit with practical advice, and a dedicated Small Business Guide for smaller organisations looking to improve their cyber defences. The government also offers tailored funding through the Cyber Local scheme to help businesses in different regions enhance their cybersecurity capabilities.
In addition to the new guidance, the UK government is working on upcoming cybersecurity legislation to strengthen protections for critical national infrastructure and public services. This legislation will further safeguard industries like healthcare and energy, particularly vulnerable to cyber threats.
As part of its broader strategy, the government is making cyber security a cornerstone of its economic growth plans, recognising the growing importance of securing digital services. With cybercrime on the rise, these new resources and legislative measures provide the much-needed support for businesses to safeguard their operations and ensure a secure digital future.
