The Conservative members of the London Assembly have called for the introduction of a “Mayoral Standard” for data security to help businesses in the capital improve their baseline information security and demonstrate this to customers.
Greater London Authority (GLA) Conservatives member Andrew Bacon claimed in a new report – Safe and Secure, Protecting London’s Data – that breaches potentially cost organizations in the capital £36 billion a year, and UK firms £147bn, although this figure is extrapolated from previous estimates in the PwC Information Security Breaches Survey 2015.
Previous attempts to improve baseline cybersecurity in UK firms such as the Cyber Essentials scheme have failed to take off, he said.
That had garnered just over 2,000 registrants as of March this year – less than 1% of UK organizations.
Bacon added that the ICO/2700 family of standards can be too expensive and complex for smaller organizations to implement.
London’s Digital Security Centre – a shared service where the Met Police Service, National Crime Agency, and City of London Police work with academics, businesses and tech firms – could help to draw up a new Mayoral Standard, he argued.
The report continued:
“Through the use of the Mayor of London’s powers of convening, the development of a ‘Mayoral Standard’ could potentially enable all organisations in London the opportunity to introduce and adhere to a simplistic and cost-effective data security strategy. The Mayor of London branding is well respected and instantly recognisable – it gives anything which contains it credibility.”
Such a standard would boost the confidence of Londoners in how their data is being handled and be simple enough to implement to encourage widespread take-up, it added.
The mayor could start by implementing it for those organizations which work with the GLA and hopefully that would create a trickle-down effect, raising awareness, the report concluded.
Bernard Parsons, CEO of security firm Becrypt, welcomed the recommendation of a Mayoral Standard for data security, as it could help raise the profile of security and offer a competitive advantage to those firms which sign up.
“There is certainly room for new standards such as the Mayoral Standard to define what good cyber security looks like, but they would need to be aligned with the existing work that government is undertaking, such as the Cyber Essentials scheme, in order to be efficiently adopted by businesses,” he added.