National Cyber Security Centre Publishes Cyber Board Toolkit

Board members need to understand cyber security.

It is a statement that is regularly made about businesses, regardless of the sector or the size of the organisation, without further thought as to how those board members can better understand their organisation’s cyber risk profile.  With new regulations in place, such as the General Data Protection Regulation (GDPR), board members now have raised expectations as to their roles and responsibilities.

That is why the National Cyber Security Centre (NCSC) today published a cyber Board Toolkit – made relevant to anyone that is accountable within an organisation, from the Board of Directors or Governors to Trustees and Partners.  The Toolkit is also relevant for technical staff and security practitioners, who are able to use the questions in the toolkit to frame discussions with the Board.  Through using the Toolkit, board members can know enough about cyber security in order to have a fluent conversation with their cyber practitioners.

The Toolkit provides:

  • A general introduction to cyber security
  • Separate sections, each dealing with an important aspect of cyber security. For each aspect, we will: explain what it is, and why it's important, recommend what individual Board members should be doing, recommend what the Board should be ensuring your organisation is doing and provide questions and answers which you can use to start crucial discussions with your cyber security experts

3. An Appendix summarising the legal and regulatory aspects of cyber security

Commenting on the publication of the launch, techUK's President Jacqueline de Rojas said:

“A common issue in the UK boardroom has been that cyber is delegated to the IT department and does not rise to the surface as a priority until a breach has occurred. Given that a cyber attack is no longer an 'if' but more likely a 'when', board members need help with guidance on what to protect and how to go about it.

Put together with input from a selection of boards from diverse sectors, this NCSC toolkit is a practical resource for board members and their CISOs. To help identify best practice and better understand how to articulate and discuss cyber investment decisions in the boardroom.  

As the threat landscape increases and changes, techUK looks forward to working with the NCSC to promote and extend this guidance. In the event of an incident, boards will be in a position to respond effectively and in many cases take proactive steps to avoid attack on the first place.”

For further information, please visit the NCSC website here

  • Talal Rajab

    Talal Rajab

    T 020 7331 2189

Share this


Guest blog by Jay Chinnadorai @informetis and Chair of the Connected Home Working Group provides an overview of wha…
#ConnectedHome19 LAUNCH TOMORROW 🥳 Industry 🚦 Knowledge 🔝 Ownership 🧐 Control ☎️ Confidence💗 Cost📈 Panel…
On Sunday, @techUK celebrated International Women in Engineering Day where we looked at how to #TransformTheFuture.…
In this blog our Craig Melson @techUK flicks through tonight’s TV guide on how connectivity changed our entertainme…
Guest blog by Sean Gulliford @Gemserv highlights what is likely to be coming to a connected home near you in the ve…
Following the recent release of techUK’s report, Collaboration for Public Safety Outcomes, this podcast explores th…
Become a Member

Become a techUK Member

By becoming a techUK member we will help you grow through:

Click here to learn more...