Gov UK urges business leaders to ‘toughen up’ cyber-attack protections – IEEE comments
January 2024 by Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster university
Today, the UK government has launched a draft Code of Practice on cyber security governance that will help directors and senior leaders shore up their defences from cyber threats. Aimed at executive and non-executive directors and other senior leaders, the measures look to establish cyber security issues as a key focus for businesses, prioritising skills and awareness training. It has also invited businesses of all sizes from all sectors to share their opinions on the draft Code as part of a ‘call for views’ to help shape future cyber security policy in the UK.
Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster university, offers the following statement:
(c) SHUTTERSTOCK
“The threat landscape is constantly evolving, so organisations need to keep pace and ensure that they regularly reviewing and upgrading their defences. Some approaches that worked just a few years ago are now obsolete and attackers change their profile far quicker now, so it is incredibly difficult to identify which packet requests are nefarious. Companies should try to deal with DDoS traffic on the edge of their network immediately, and employ the latest tools such as AI, which can help with reactive misuse, anomaly detection and network profiling techniques.
“Moving forwards, senior management must have a more holistic understanding and approach to cybersecurity and IT departments must be able to maintain proficient security protocols or policies for years to come. Inevitably, this means increasing the amount of IT security staff and ensuring all staff are sufficiently trained, even if just basic cyber skills.”