NCSC launches ‘refreshed’ Cyber Security Board Toolkit
The National Cyber Security Centre (NCSC) has today launched its refreshed Cyber Security Board Toolkit. With the UK and US’s shared interest in raising awareness of good cyber security to boards on both sides of the Atlantic, the toolkit is being launched in collaboration with CISA, the NCSC’s US counterparts.
Originally published in 2019, the Toolkit has proved very popular with boards and it's their feedback – together with input from non-executive directors and NCSC’s embedded industry i100 team – that will ensure the Toolkit remains up-to-date, relevant, and framed in language that boards are familiar with.
The Toolkit helps boards ensure that cyber resilience and risk management are embedded throughout their organisations. It will help boards make informed cyber decisions that are aligned to their wider organisational risks, and ensure cyber security is assigned appropriate investment against other competing business demands.
In each of the sections within the Board Toolkit you’ll find:
- bite-sized videos to provide boards with a quick overview of each module;
- essential activities that boards should expect to see in their organisation;
- indicators of success: a series of questions (with possible answers) that boards can use to help evaluate their organisation's performance – these are designed as a ‘starting point’ to encourage productive cyber security discussions between boards and key stakeholders; and
- benefits of cyber security for organisations.
New additions include:
- a sample script of questions to help board members establish if they have enough cyber security knowledge to ensure their organisation has the appropriate plans in place to mitigate threats;
- an executive summary that summarises each section of the Board Toolkit;
- use cases that draw on real-life incidents to bring the guidance to life; and
- a Board Toolkit podcast, with contributions from industry-leading voices including the NCSC's former Chief Operating Officer Paul Maddison.
The nine core themes in the modules haven’t changed. Board members have told the NCSC how much they like the questions and possible answers, so these have stayed the same and all the questions are available in a single PDF. Also still included (and updated) is the 'Introduction to cyber security for Board members' , which is useful to those who are new to the subject and need to quickly get up to speed.
techUK welcomes the updates to this important Toolkit which helps organisations to adopt a methodical and proactive approach to cyber security and outlines basic safeguards that can greatly reduce the likelihood – and impact – of cyber-attacks.
Jill is techUK’s Programme Manager for Cyber Security and Central Government, supporting the work of both programme teams and promoting better engagement between the public and tech sectors.
Prior to joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.
Dan leads the techUK Cyber Security programme, having originally joined techUK in August 2017 as a Programme Manager working across the Cyber and Defence programmes. He is responsible for managing techUK's work across the cyber security eco-system, bringing industry together with key stakeholders across the public and private sectors. Dan also provides the industry secretariat for the Cyber Growth Partnership, the industry and Governmnet conduit for supporting growth across the sector. A key focus of his work is to strengthen the public-private partnership across cyber security to support further development of UK cyber security policy.
Before joining techUK he worked as Forum Lead for the Westminster eForum. In this role he had a focus on the technology and telecoms space, on issues ranging from Broadband and Mobile Infrastructure, the Internet of Things, Cyber Security, Data and diversity in tech. Dan has a BA in History from the University of Liverpool.
- [email protected]
- 020 7331 2165
Freddie MacSwiney is the Programme Manager for Defence and Cyber Security at techUK.
Prior to joining techUK, Freddie worked as a Government Adviser for a firm dealing in International Relations, where he briefed Politicians, Ministers, Heads of State, Diplomats around the world on key issues from Defence, Security and other key issues and aligned them with the UK.
Raya Tsolova is the Programme Manager for National Security at techUK.
Raya is responsible for all National Security related activities across techUK, specifically in the established programmes of Defence, Cyber Security and Justice & Emergency Services. Raya will leverage relationships with existing stakeholders across the three programmes, and will build new relationships between techUK and key stakeholders who are of interest to member companies.
Prior to joining techUK, Raya worked in Business Development for an expert network firm within the institutional investment space. Before this Raya spent a year in industry working for a tech start-up in London as part of their Growth team which included the formation and development of a 'Let's Talk Tech' podcast and involvement in London Tech Week.
Raya has a degree in Politics and International Relations (Bsc Hons) from the University of Bath where she focused primarily on national security and counter-terrorism policies, centreing research on female-led terrorism and specific approaches to justice there.
Outside of work, Raya's interests include baking, spin classes and true-crime Netflix shows!
- [email protected]
Cyber Security Programme
The Cyber Security Programme provides a channel for our industry to engage with commercial and government partners to support growth in this vital sector, which underpins and enables all organisations. The programme brings together industry and government to overcome the joint challenges the sector faces and to pursue key opportunities to ensure the UK remains a leading cyber nation, including on issues such as the developing threat, bridging the skills gap and secure-by-design.
Join techUK's Cyber Security SME Forum
Our new group will keep techUK members updated on the latest news and views from across the Cyber security landscape. The group will also spotlight events and engagement opportunities for members to get involved in.
Upcoming Cyber Security events
Cyber Security updates
Sign-up to get the latest updates and opportunities from our Cyber Security programme.