A call for views and evidence: Cyber Security Organisational Standards: EtF comments to the Department for Business, Innovation and Skills (BIS)
The IET and BCS working in partnership under the Engineering the Future (EtF) alliance responded to the call for evidence by the Department for Business, Innovation and Skills (BIS) to identify an appropriate cyber security standard for organisations wishing to improve cyber security.
In summary the alliance’s position on the call for evidence is as follows:
It is not possible to have a single standard for cyber security that is suitable for all organisations and able to deal with all eventualities. Such an approach over simplifies the complexity of the issue and the scale of the challenge.
EtF has been involved with the Industry Working Group and is broadly supportive of their framework approach to cyber security standards. Although like many in the group, we see current draft response as a minimum interim guide that might be used to help inform SMEs/micro SMEs around some aspects of cyber security and what steps may be taken to identify gaps and vulnerabilities. The document attempts to outline steps that may be taken based on good practice recommendations from the IASME organisation.
The alliance strongly believes that government should undertake a systematic approach that considers not only the symptoms but also the root causes.
Submission Details Submitted on 14 October 2013 to Department for Business, Innovation and Skills (BIS)