Contracts ignore cyber risks

According to a survey, fewer than a third of companies (31 per cent) have clauses in contracts with their suppliers regarding cyber risk, according to the UK government.
According to a survey, fewer than a third of companies (31 per cent) have clauses in contracts with their suppliers regarding cyber risk, according to the UK government.

 

A report, The Cyber Governance Health Check, found 14 per cent have other arrangements such as pre-contract diligence, third-party audit and third-party self-assessment.

The industrial goods and services sector was least likely to employ some sort of formal arrangement, with 29 per cent saying they had cyber risk clauses in contracts. But 41 per cent of those in the technology and communications sector said they have cyber risk clauses in contracts.

The government called on UK companies to do more to tackle cyber threats, as the survey of FTSE 350 firms also found only 14 per cent regularly address cyber crime.

The research by the Department for Business, Innovation & Skills found a quarter of 217 respondents said the company board has “a poor understanding” of where its key information or data assets are shared with third parties such as suppliers, advisors, customers and outsourcing partners.

To tackle the growing threat, the government is working with industry to develop an official ‘cyber standard,’ which will help stimulate the adoption of good cyber practices among business.

The Kitemark-style standard will be launched early next year, as part of the £860 million cross-government National Cyber Security Programme.

Science minister David Willetts said: “The cyber crime threat facing UK companies is increasing. Many are already taking this extremely seriously, but more still needs to be done. We are working with businesses to encourage them to make cyber security a board-level responsibility.

“The cyber standard will promote excellence in tackling cyber risks, help businesses better understand how to protect themselves, and ultimately increase the nation’s collective cyber security.”

http://www.supplymanagement.com/news/2013/contracts-ignore-cyber-risks

Advertisements

About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to http://GregoryDEvans.com for more details.
This entry was posted in Cell phone security, cyber, internet safety, Technology, wireless and tagged , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s