The Financial Times/ICSA Boardroom Bellwether survey questioned FTSE 350 company secretaries and only 21 per cent said they had identified their key information assets and prepared for potential cyber-attacks.
One in ten of the respondents said they didn’t need to address cyber security issues, two said they were prepared and another two had yet to take action. However, the other five stated they had not set out a cyber-security plan or needed outside help to implement one.
David Willets, Minister for Universities and Science, said an extra £210 million has been allocated for the 2015-16 spending review on top of £650 million already agreed for the National Cyber Security Programme.
He told the Financial Times: “We are encouraging companies to make cyber security a board-level responsibility and understand how it could affect their bottom line.
“We are engaging with key industry sectors to raise awareness and encourage behaviour change, so companies focus on the threat of an attack before it happens.”
The recent 2013 Information Security Breaches Survey from the Department for Business, Innovation and Skills found that 93 per cent of large organisations across all sectors in the UK had reported a cyber-attack in the last year.
The average cost of the worst security breach for large organisations was between £450,000 and £850,000, with several individual breaches costing in excess of £1 million.