In a move to bolster the cyber resilience of the UK’s economy and society, the government has enlisted Arculus, a cyber security consultancy, to conduct a pioneering pilot project.

The initiative focuses on supporting directors of UK organisations in enhancing their governance of cyber security risk through the implementation of the draft Cyber Governance Code of Practice.

The research, integral to refining the code in conjunction with the recently issued call for views on January 23, 2024, seeks active participation from organisations.

Participants will be tasked with applying the principles outlined in the Cyber Governance Code of Practice within their organisations and subsequently providing feedback based on their experiences.

While welcomed by some, the AI guidelines nevertheless sit uneasily with the way UK systems, particularly in the public sector, are routinely penetrated by hackers.

According to the Information Commissioner’s Office, reported by the Financial Times, there were more than 1,420 reported incidents of malware, ransomware, and phishing that targeted public bodies in the first half of 2023, a large jump from 855 incidents over the same period last year.

In December, a parliamentary report warned the UK is at high risk of a “catastrophic” ransomware attack that could cost tens of billions of pounds and shut down critical infrastructure.

A report by iomart and Oxford Economics found UK businesses experienced an average of 30 cyber incidents each in the last year a 25% increase year-on-year.

The report found that businesses spend, on average, more than £40,000 a year on cyber protection, yet more than a quarter (27%) of organisations think their cyber security budget is inadequate.

The process includes an initial and final assessment of the organisation’s cyber maturity through a non-technical questionnaire, alongside attending online sessions to facilitate discussions on feedback.

Organisations engaging in the pilot project with Arculus can expect to collaborate from early January to early March 2024.

According to Cybersecurity Ventures, cited by GlobalData in its Thematic Intelligence research: Cybersecurity 2023 report, global cybercrime will reach $10.5trn annually by 2025.

Tackling this issue requires investment, and GlobalData forecasts that cybersecurity revenues will reach $344bn worldwide by 2030.

According to GlobalData’s Tech, Media, & Telecom Predictions 2024 report, company employees will face a greater risk of spear-phishing attacks in 2024 aimed at gaining access to an organisation’s systems through AI-powered social engineering.