NCSC launches ‘refreshed’ Cyber Security Board Toolkit

The National Cyber Security Centre (NCSC) has today launched its refreshed Cyber Security Board Toolkit. With the UK and US’s shared interest in raising awareness of good cyber security to boards on both sides of the Atlantic, the toolkit is being launched in collaboration with CISA, the NCSC’s US counterparts.

Originally published in 2019, the Toolkit has proved very popular with boards and it's their feedback – together with input from non-executive directors and NCSC’s embedded industry i100 team – that will ensure the Toolkit remains up-to-date, relevant, and framed in language that boards are familiar with.

The Toolkit helps boards ensure that cyber resilience and risk management are embedded throughout their organisations. It will help boards make informed cyber decisions that are aligned to their wider organisational risks, and ensure cyber security is assigned appropriate investment against other competing business demands.

What's new in this edition of the Toolkit

In each of the sections within the Board Toolkit you’ll find:

  • bite-sized videos to provide boards with a quick overview of each module;
  • essential activities that boards should expect to see in their organisation;
  • indicators of success: a series of questions (with possible answers) that boards can use to help evaluate their organisation's performance – these are designed as a ‘starting point’ to encourage productive cyber security discussions between boards and key stakeholders; and
  • benefits of cyber security for organisations.

New additions include:

  • a sample script of questions to help board members establish if they have enough cyber security knowledge to ensure their organisation has the appropriate plans in place to mitigate threats;
  • an executive summary that summarises each section of the Board Toolkit;
  • use cases that draw on real-life incidents to bring the guidance to life; and
  • a Board Toolkit podcast, with contributions from industry-leading voices including the NCSC's former Chief Operating Officer Paul Maddison.

What's not changing 

The nine core themes in the modules haven’t changed. Board members have told the NCSC how much they like the questions and possible answers, so these have stayed the same and all the questions are available in a single PDF. Also still included (and updated) is the 'Introduction to cyber security for Board members' , which is useful to those who are new to the subject and need to quickly get up to speed.

techUK welcomes the updates to this important Toolkit which helps organisations to adopt a methodical and proactive approach to cyber security and outlines basic safeguards that can greatly reduce the likelihood – and impact – of cyber-attacks.

Jill Broom

Jill Broom

Programme Manager, Cyber Security, techUK

Jill is techUK’s Programme Manager for Cyber Security, working across the cyber eco-system to bring industry together with key stakeholders across the public and private sectors.

Prior to focusing in on techUK's cyber security work, Jill was also part of techUK's Central Government programme team, representing the supplier community of technology products and services to Whitehall departments. 

Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.

[email protected]

Read lessmore

Dan Patefield

Dan Patefield

Head of Cyber and National Security, techUK

Dan leads the techUK Cyber Security programme, having originally joined techUK in August 2017 as a Programme Manager working across the Cyber and Defence programmes. He is responsible for managing techUK's work across the cyber security eco-system, bringing industry together with key stakeholders across the public and private sectors. Dan also provides the industry secretariat for the Cyber Growth Partnership, the industry and Governmnet conduit for supporting growth across the sector. A key focus of his work is to strengthen the public-private partnership across cyber security to support further development of UK cyber security policy.

Before joining techUK he worked as Forum Lead for the Westminster eForum. In this role he had a focus on the technology and telecoms space, on issues ranging from Broadband and Mobile Infrastructure, the Internet of Things, Cyber Security, Data and diversity in tech. Dan has a BA in History from the University of Liverpool.

[email protected]
020 7331 2165

Read lessmore

Freddie MacSwiney

Programme Manager - Defence and Cyber, techUK

Freddie MacSwiney is the Programme Manager for Defence and Cyber Security at techUK.

Prior to joining techUK, Freddie worked as a Government Adviser for a firm dealing in International Relations, where he briefed Politicians, Ministers, Heads of State, Diplomats around the world on key issues from Defence,  Security and other key issues and aligned them with the UK. 

Read lessmore

Raya Tsolova

Programme Manager, techUK

Raya Tsolova is a Programme Manager at techUK. 

Prior to joining techUK, Raya worked in Business Development for an expert network firm within the institutional investment space. Before this Raya spent a year in industry working for a tech start-up in London as part of their Growth team which included the formation and development of a 'Let's Talk Tech' podcast and involvement in London Tech Week. 

Raya has a degree in Politics and International Relations (Bsc Hons) from the University of Bath where she focused primarily on national security and counter-terrorism policies, centreing research on female-led terrorism and specific approaches to justice there. 

Outside of work, Raya's interests include baking, spin classes and true-crime Netflix shows! 

[email protected]

Read lessmore

Cyber Security Programme

The Cyber Security Programme provides a channel for our industry to engage with commercial and government partners to support growth in this vital sector, which underpins and enables all organisations. The programme brings together industry and government to overcome the joint challenges the sector faces and to pursue key opportunities to ensure the UK remains a leading cyber nation, including on issues such as the developing threat, bridging the skills gap and secure-by-design.

Learn more

Join techUK's Cyber Security SME Forum

Our new group will keep techUK members updated on the latest news and views from across the Cyber security landscape. The group will also spotlight events and engagement opportunities for members to get involved in.

Join here

Upcoming Cyber Security events

Cyber Security updates

Sign-up to get the latest updates and opportunities from our Cyber Security programme.