Report finds fifth of boards never update cyber security

42% of directors, trustees, governors and senior managers in the North West are updated on the cyber security of their businesses on a less-than-quarterly basis, according to new insight by Deloitte’s North West cyber team.

This is despite 75% of businesses acknowledging that cyber security is a high priority.

The findings, based on regional statistics from the Department for Digital, Culture, Media and Sport’s Cyber Security Breaches Survey, show that 18% of board members and senior managers are never updated on actions taken around cyber security. Just 16% are updated quarterly, with 18% updated annually and 6% less than once a year.

Less than half (43%) reported that they had a director, trustee, governor or senior manager with responsibility for cyber security, while nearly 10% of businesses that suffered a breach in the last 12 months admitted that they never reported it to senior management.

According to the Cyber Resilience Centre for Greater Manchester, cyber crime is estimated to cost the Greater Manchester economy £860m a year, as well as having a financially devastating effect on businesses of all sizes.

Stuart Whitehead, partner and UK cyber lead in the North and Midlands at Deloitte, said: “It is encouraging that businesses in the North West recognise cyber security as a key risk area. However, to stay ahead of the constantly evolving threat landscape, boards need to be provided with sufficient information in order to effectively prioritise and manage their cyber security risk. It is the responsibility of both the board and cyber security decision-makers to work together to regularly review their business’ robustness, and continue to make informed decisions to mature this function.”