30 Mar 2023

NCSC launches ‘refreshed’ Cyber Security Board Toolkit

The National Cyber Security Centre (NCSC) has today launched its refreshed Cyber Security Board Toolkit. With the UK and US’s shared interest in raising awareness of good cyber security to boards on both sides of the Atlantic, the toolkit is being launched in collaboration with CISA, the NCSC’s US counterparts.

Originally published in 2019, the Toolkit has proved very popular with boards and it's their feedback – together with input from non-executive directors and NCSC’s embedded industry i100 team – that will ensure the Toolkit remains up-to-date, relevant, and framed in language that boards are familiar with.

The Toolkit helps boards ensure that cyber resilience and risk management are embedded throughout their organisations. It will help boards make informed cyber decisions that are aligned to their wider organisational risks, and ensure cyber security is assigned appropriate investment against other competing business demands.

What's new in this edition of the Toolkit

In each of the sections within the Board Toolkit you’ll find:

bite-sized videos to provide boards with a quick overview of each module;
essential activities that boards should expect to see in their organisation;
indicators of success: a series of questions (with possible answers) that boards can use to help evaluate their organisation's performance – these are designed as a ‘starting point’ to encourage productive cyber security discussions between boards and key stakeholders; and
benefits of cyber security for organisations.

New additions include:

a sample script of questions to help board members establish if they have enough cyber security knowledge to ensure their organisation has the appropriate plans in place to mitigate threats;
an executive summary that summarises each section of the Board Toolkit;
use cases that draw on real-life incidents to bring the guidance to life; and
a Board Toolkit podcast, with contributions from industry-leading voices including the NCSC's former Chief Operating Officer Paul Maddison.

What's not changing

The nine core themes in the modules haven’t changed. Board members have told the NCSC how much they like the questions and possible answers, so these have stayed the same and all the questions are available in a single PDF. Also still included (and updated) is the 'Introduction to cyber security for Board members' , which is useful to those who are new to the subject and need to quickly get up to speed.

techUK welcomes the updates to this important Toolkit which helps organisations to adopt a methodical and proactive approach to cyber security and outlines basic safeguards that can greatly reduce the likelihood – and impact – of cyber-attacks.

Jill Broom

Head of Cyber Resilience, techUK

Jill leads the techUK Cyber Security programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.

Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.

Email:: [email protected]
Website:: www.techuk.org/
LinkedIn:: https://www.linkedin.com/in/jill-broom-19aa824

Read lessmore

Freddie MacSwiney

Programme Manager - Defence and Cyber, techUK

Freddie MacSwiney is the Programme Manager for Defence and Cyber Security at techUK.

Raya Tsolova

Senior Programme Manager, techUK

Raya Tsolova is a Programme Manager at techUK.

Prior to joining techUK, Raya worked in Business Development for an expert network firm within the institutional investment space. Before this Raya spent a year in industry working for a tech start-up in London as part of their Growth team which included the formation and development of a 'Let's Talk Tech' podcast and involvement in London Tech Week.

Raya has a degree in Politics and International Relations (Bsc Hons) from the University of Bath where she focused primarily on national security and counter-terrorism policies, centreing research on female-led terrorism and specific approaches to justice there.

Outside of work, Raya's interests include baking, spin classes and true-crime Netflix shows!

Email:: [email protected]
Phone:: 07712630603

Read lessmore

Cyber Security Programme

The Cyber Security Programme provides a channel for our industry to engage with commercial and government partners to support growth in this vital sector, which underpins and enables all organisations. The programme brings together industry and government to overcome the joint challenges the sector faces and to pursue key opportunities to ensure the UK remains a leading cyber nation, including on issues such as the developing threat, bridging the skills gap and secure-by-design.

Learn more