Article 76TF8 Government's cyber pledge lands 60 signatories, including M&S and, somehow, Capita

Government's cyber pledge lands 60 signatories, including M&S and, somehow, Capita

by
from www.theregister.com - Articles on (#76TF8)
Story ImageAfter serving as last year's poster child for retail cyber misery, Marks & Spencer has become one of the first companies to sign up to the UK government's new Cyber Resilience Pledge. The retailer is among 60 organizations that have signed up to the voluntary scheme, launched by technology secretary Liz Kendall on Tuesday. Signatories commit to treating cybersecurity as a board-level responsibility, signing up to the National Cyber Security Centre's Early Warning service, and encouraging suppliers to achieve Cyber Essentials certification or an equivalent baseline. "Today, some of Britain's biggest businesses are taking action to strengthen their cyber defenses and setting a powerful example for others to follow," Kendall said. "By signing this Pledge, they are showing that cyber resilience is no longer just an IT issue - it is a business imperative." She warned that cyberattacks can disrupt services, expose customer data, and damage the bottom line, adding that AI is making attacks "more sophisticated and easier to launch." M&S's appearance is hardly surprising. After falling victim to one of the UK's highest-profile cyber incidents last year, opting out would have raised more eyebrows than opting in. More interesting are some of the names missing from the government's roll call. Not every member of last year's cyber casualty club made the guest list. Co-op and Harrods are absent from the government's roll call, as is Jaguar Land Rover, which spent weeks recovering from a cyberattack before later receiving a 1.5 billion government-backed lifeline to help shield its supply chain from the fallout. The pledge is entirely voluntary, so their absence doesn't necessarily say anything about their security posture, but if ministers are presenting the initiative as a badge of good cyber citizenship, it's fair to ask why they chose not to wear it. Then there's Capita. The outsourcing giant has also signed the pledge, despite developing an impressive archive in The Reg of cybersecurity mishaps over the past few years. Last year, it was fined by the ICO over its 2023 ransomware attack that exposed more than 6 million records, and earlier this year, it disclosed that a pension portal had exposed personal information belonging to civil servants. Either nobody believes in continuous improvement more than Capita, or the government's definition of cyber resilience is reassuringly forgiving. Microsoft also features prominently among the launch partners, with UK chief executive Darren Hardman praising the initiative as a way to strengthen cyber resilience. Security professionals may quietly note that Microsoft's software also keeps them exceptionally busy for at least one Tuesday every month. Beyond the more eyebrow-raising additions, the list reads like a roll call of corporate Britain. Aviva, Fujitsu, London Stock Exchange Group, Mastercard, Morrisons, Pearson, QinetiQ, SSE, United Utilities, and Vodafone all signed up, alongside a sizeable contingent of consultancies and cybersecurity firms. There's no enforcement mechanism behind the pledge, only the optics of signing up. That makes the omissions almost as interesting as the names that made the cut. (R)
External Content
Source RSS or Atom Feed
Feed Location http://www.theregister.co.uk/headlines.atom
Feed Title www.theregister.com - Articles
Feed Link https://www.theregister.com/
Reply 0 comments