"This is particularly relevant considering the implementation of the General Data Protection Regulation next May which requires firms to understand how they hold and process their data"
The association says recent global attacks, a regulatory focus on cyber risk and General Data Protection Regulation "mean now is as important a time as ever for firms to review their cyber security strategy".
The AMI suggests that "even firms who have developed solutions in this area check their plans against the sources in our factsheet".
The AMI says firms should approach cyber risk in a similar way to regulatory risk, in that staff at all levels should have a basic understanding, and that cyber risks should also be addressed in firms’ overall disaster recovery plans.
Robert Sinclair, Chief Executive of AMI, said: “The global spread of the WannaCry ransomware should be a wake-up call for businesses to review their cyber security infrastructure, as no sector or type of firm is immune from attacks. This is particularly relevant considering the implementation of the General Data Protection Regulation next May which requires firms to understand how they hold and process their data, with significant fines for any breaches.
"Our factsheet should be considered a starting point for members, as the National Cyber Security Centre produces extensive guidance for firms on specific areas. We are including a regular section on cyber security in our monthly member newsletter in which we will feature a different topic and signpost to relevant guidance.”
