Introduction
The vast majority of organisations in the UK rely on digital technology to function.
Good cyber security protects that ability to function, and ensures organisations can exploit the opportunities that technology brings. Cyber security is therefore central to an organisation’s health
and resilience, and this places it firmly within the responsibility of the Board.
New regulations (such as GDPR) as well as high profile media coverage on the impact of cyber
incidents, have raised the expectations of partners, shareholders, customers and the wider public.
Quite simply, organisations – and Board members especially – have to get to grips with cyber security.
Why have the NCSC produced a Cyber Security Toolkit for Boards?
Boards are pivotal in improving the cyber security of their organisations. The Cyber Security Toolkit for
Boards has been created to encourage essential discussions about cyber security to take place
between the Board and their technical experts.
What can this toolkit do for you?
Board members don’t need to be technical experts, but they need to know enough about cyber
security to be able to have a fluent conversation with their experts, and understand the right questions
to ask.
The Cyber Security Toolkit or Boards therefore provides:
- A general introduction to cyber security.
- Separate sections, each dealing with an important aspect of cyber security. For each aspect, we
will:
• explain what it is, and why it’s important
• recommend what individual Board members should be doing
• recommend what the Board should be ensuring your organisation is doing
• provide questions and answers which you can use to start crucial discussions with your
cyber security experts - Appendices summarising the legal and regulatory aspects of cyber security.
