BCS policy recommendations for Cyber security:
Cybersecurity is critical to safeguarding citizens, delivering essential services, and protecting the UK economy. IT increasingly functions as a core utility, and the risks posed by cyber threats demand urgent national attention. BCS calls for decisive action from the government, companies and organisations to ensure cybersecurity is at the core of all business operations.
- Introduce a mandatory Cybersecurity Code of Practice with breach and risk reporting.
- Integrate cyber resilience into all business continuity plans.
- Require Boards to include a member accountable for cybersecurity.
- Enforce a ‘secure and resilient by design’ culture across critical IT systems.
- Mandate strong cyber governance, including third-party monitoring.
- Launch a government-led cybersecurity awareness campaign.
- Create a one-stop shop for SME cybersecurity advice on gov.uk.
Consultation responses
The BCS’ Information Security Specialist Group (ISSG) recommended a mandatory, rather than voluntary Governance Code of Practice for Cyber Security should be introduced. ISSG were responding to a call for views from the Conservative government to its draft proposals that set out the steps directors need to take to protect their organisations.
Cyber security code of practice
BCS responded to a government consultation on the cyber resilience of the UK's critical national infrastructure (CNI). We asked the BCS Information Security Specialist Group (ISSG) for their input into the Science, Innovation and Technology Committee's call for a written response.
Cyber resilience of the UK's critical national infrastructure
The Government plans to introduce the Code on a voluntary basis. Depending on stakeholder feedback, once the Code is introduced, the government will explore the challenges and opportunities of placing the principles of the Code on a regulatory footing.
BCS response: App security and privacy interventions
BCS worked with our members to respond to the Government consultation: Embedding standards and pathways across the Cyber Security Profession by 2025’
You can also view the BCS briefing on the proposal for legislation to improve the UKs cyber resilience and the BCS briefing on cyber security in the UK.
What else is BCS doing?
As a member of the UK Cyber Security Council, BCS works alongside government and other professional bodies to increase public trust and shape standards in this critical field.
The UK government is currently consulting on regulating the professional standards of practice and competency in cyber security through legislation. The government recognises that its previous approach is not delivering the requisite change quickly enough.
The top three key actions the UK Government is taking as a result of the review:
Strengthening UK cyber legislation, in particular through the Network and Information Systems (NIS) Regulations, to ensure organisations take appropriate action to secure their services
Identifying ways in which it can mandate large companies to appropriately assess and address the cyber risks they face
Embedding clear professional standards and pathways developed by the UK Cyber Security Council (UKCSC) as the professional authority
We publish opinion and thought leadership pieces from a diverse range of voices bringing ethical perspectives, professionalism and technical insight to the cyber security debate.
A community of IT professionals and enthusiasts who are passionate about information security. Anyone interested in the cyber security can come to a meeting across the UK where everyone is welcome, members and non-members alike.
Visit the Information Security specialist group (ISSG) website
Our specialist groups organise events.
Qualify in a digital apprenticeship role to gain the knowledge and competencies to become a valuable member of the team. BCS offers apprenticeships in cyber security.
