The UK Government is proposing a new cybersecurity governance code of practice for businesses.
The Department for Science, Innovation and Technology (DSIT), along with the NCSC and industry partners, has drawn up an initial draft. This is now out for consultation.
The code of practice is aimed at business leaders, directors and non-execs, and aims to “improve cyber resilience across the UK economy”, according to DSIT.
This marks a recognition that organisations need to move their focus from cyber defence to resilience and recovery.
But what does the new code of practice contain, and how will it operate? Will another code of practice, alongside a host of existing laws and industry regulations, really help organisations be more secure?
We invited Amanda Finch, CEO of the Chartered Institute of Information Security, to look at some of the thinking behind the code, the issues it is trying to address, and how it will fit in alongside other rules and regulations.
Interview by Stephen Pritchard
Listeners can find out more about the proposed Code of Practice and the consultation on the UK Government’s cyber security site.
Featured image: Sarah Larkin from Pixabay
