FRC publishes recommendations to improve digital security disclosure

News types: Corporate Reports, Generic Announcement, Guidance, Publications

Published: 3 August 2022

The FRC Lab (Lab) has published a report on digital security risk disclosure to help companies improve the disclosure of digital security strategies, risks and governance. 

With the continued digitisation of the economy, digital security risk is increasingly becoming fundamental for an investor's understanding of a business. However, the FRC's research showed that disclosures are not meeting investor needs effectively and companies need to improve to address this s. Companies often provide limited useful information on digital security and don't connect to the wider strategic direction of the business or respond sufficiently to geo-political or cyber events.

Companies can improve disclosures by focusing on aspects of strategy, governance, risk and events. In addition, the Lab report provides details about how to optimise disclosure for investors. It also includes practical examples of developing practice.

Mark Babington, Executive Director of Regulatory Standards at the FRC, said: 

"Every company is now digital, so providing useful, relevant and focused disclosure on digital security is critical. Investors need transparency in this area, and this report provides a key resource for companies looking to achieve this." 

During the project, the FRC was supported by technical experts from DCMS, NCSC and BEIS;

Digital Minister Matt Warman MP said: 

"We're investing £2.6 billion through our National Cyber Strategy to make our digital economy more secure. But as this report shows, businesses can do more to bolster their online defences and improve transparency and reporting around cyber security.  
 
"There is help available so I urge firms to follow NCSC guidance on strengthening their cyber security capabilities so they are in the best position to protect themselves and their customers." 

A link to the full report is available here.