The UK’s largest public companies are devoting more resources to cyber security as anxiety about the impact of hacking attacks has ratcheted up over the past year, according to research to be published on Monday.
https://www.ft.com/content/c1a27d04-f202-11e7-ac08-07c3086a2625
Last May, the WannaCry cyber attack wreaked havoc on tens of thousands of organisations worldwide, from the UK’s National Health Service to US delivery services company FedEx. This month, companies are having to digest the latest warning that hackers could take advantage of flaws discovered in chips made by Intel, AMD and ARM, which could affect nearly all computers and smartphones.
The most recent Boardroom Bellwether survey, conducted twice a year by ICSA, the governance body, in conjunction with the Financial Times, found that four-fifths of FTSE 350 company secretaries surveyed believed their companies’ exposure to cyber risk was increasing, the same proportion as a year ago. Nine-tenths said they were boosting spending to mitigate the risk. However, nearly a third — 31 per cent — said they reviewed their exposure to cyber risk only once a year, although a quarter said they conducted a review at least every three months. The Information Commissioner’s Office, the watchdog that upholds information rights in the UK, said companies needed to carry out routine security testing and “continuously” identify developing risks that could put personal data at risk.
The EU’s General Data Protection Regulation, which comes into force in May and which the UK government says it will continue to implement after Brexit, requires organisations to undertake data protection impact assessments for the most risky uses of personal data. “Risk assessments are key and should be undertaken as regularly and as appropriate to the risk,” the ICO said. “This may be annually or more frequently dependent on the type of data held and privacy impact risks involved.”
Last year, the Department for Digital, Culture, Media and Sport, in its annual review of “cyber governance”, found that more than two-thirds of FTSE 350 board members had not received any training to deal with a cyber incident, and that one in 10 boards had no plan in place to respond to one. Just a handful of boards at the UK’s largest listed companies disclosed having a director with specialist technology or cyber security experience, according to an analysis of annual reports by management consultant Deloitte. “The vast majority of FTSE 100 reports acknowledge the principal risk, but our analysis shows there were wide variations in the disclosure of cyber risk management and mitigation strategies,” said Phill Everson, head of cyber risk services at Deloitte. Stephen Martin, director-general at the Institute of Directors in London, said there was no “one-size-fits-all” method for companies to follow to be cyber-secure.
“Cyber security is a primary risk to business and therefore the responsibility to set strategy, plan the response, and ensure compliance with regulation must sit with the board, as it does with other profit or loss decision-making,” he said. “Shareholders are likely to interrogate boards more frequently on their cyber diligence and will hold them to account for failure.” Peter Swabey, ICSA policy and research director, said it was the responsibility of the board to satisfy itself that management was taking the issue of cyber security sufficiently seriously. “I can only assume that those companies who consider it less frequently [than half-yearly] have satisfied themselves that this is appropriate,” he said. Twenty-eight FTSE 100 and 47 FTSE 250 company secretaries responded to the survey.
Reality
With companies needing to focus more on cyber security, attention turns to the resources available in the market. In this space demand is outstripping supply, and recruiters and companies alike must consider diversifying their options. The situation is exacerbated further with Brexit looming and the unknown state of freedom of labour movement for Europeans.
All this considered, a potential solution is to consider consultants from around the globe who require Tier 2 General Sponsorship. Some may already be in the UK on a Tier 2 General Visa and looking for a change in role, or on a student visa and looking to move into employment. Candidates may wish to move to consulting options to undertake multiple assignments and potentially increase their take-home pay.
For more information in this regard and on Tier 2 General Sponsorship, do contact us at consult@mavisas.co.uk.
Thanks in advance
Mason Alexander