Government consults on cyber security

The government is currently consulting on organisational standards that best meet the requirements for effective cyber risk management. The government’s strategy is to encourage industry-led standards so that organisations can better manage the risk to their information, and to highlight the fact that good management of information risk can be a selling point for business.

Companies are asked to suggest either a new standard, an existing standard, or one standard comprising of components of multiple existing standards.

The standard should be applicable to organisations of all sizes, and proposed it should protect organisations against phishing and social engineering, malware and viruses. In addition, it should have in place an independent audit and assurance framework.

Responses are sought by 14 October.