Could culture be the answer to preventing cyber-attacks? Border checks on fruit and veg are scrapped and the ICO moves to Manchester
In the wake of recent highly publicised cyber-attacks, we place a spotlight on how a company’s culture can help to prevent an attack. Good news in the food industry as the risk of BSE is downgraded and border checks on fruit and veg are set to be scrapped. Plus, the ICO office is set to move to Manchester in 2026.
Cyber Security Culture Principles: Culture is Key to Resisting Attack
The National Cyber Security Centre (NCSC) has launched a new set of cyber security culture principles. These have been developed following considerable research and describe the kind of culture that can help businesses stay cyber secure.
Cyber security is about protecting computers, networks and data from theft, damage, or unauthorised access. It also helps to keep personal information, business systems and online services safe from cyber attacks.
The guidance talks about cybersecurity teams and much of it may be more suited to larger organisations, however in view of how vital technology now is in business and the increasing prevalence of cyber attacks, businesses of all sizes will find some benefit in it.
Here’s a brief review of each principle.
Principle 1: Frame cyber security as an enabler, supporting the organisation to achieve its goals.
If not careful, cyber security could be seen as a barrier to getting the job done. For instance, an employee might see security procedures as wasting time that might mean losing a sale.
There may need to be an adjustment in thinking and goal-setting so that everyone sees security as something that helps the business achieve its goals – safely and with confidence. The guidance explores some ways you can achieve this.
Principle 2: Build the safety, trust and processes to encourage openness around security
If people feel there will be negative repercussions, they will be unlikely to speak up. They might cover up mistakes, not challenge others who break rules, or not volunteer ideas that could help improve security.
Therefore, it can be helpful to think about what processes you have in place to avoid this kind of thinking and help staff to feel safe.
Principle 3: Embrace change to manage new threats and use new opportunities to improve resilience
Sticking to the way things have always been done can leave a business vulnerable to new threats.
A security breach or online attack can reveal gaps in how you protect your systems or data, showing you what needs to be improved. By fixing these issues and updating your approach, your business can become more secure and be better prepared next time.
Principle 4: The organisation’s social norms promote secure behaviours
This means that staff are expected to act safely online, and it becomes part of how things are done in the business. When good security habits are normal and encouraged, everyone is more likely to follow them.
Principle 5: Leaders take responsibility for the impact they have on security culture
Leaders in the business have a huge influence on staff behaviour, so it’s important that security policies are supported by word and example from the top. Staff are likely to follow an example, which could mean ignoring a policy if their boss does.
Principle 6: Provide well-maintained cyber security rules and guidelines, which are accessible and easy to understand
The guidance helpfully mentions that rules that are too prescriptive become unwieldy and outdated which will eventually harm efforts to be secure. On the other hand, rules that are too vague or casual leave people stressed and unsure of what to do.
The guidance provides some ideas on how to strike the right balance.
What next?
Why not review the guidance to see how these principles could be applied in your business. The more cyber secure your business is, the more resilient it will be against threats and that can only help your business to keep growing!
See: https://www.ncsc.gov.uk/collection/cyber-security-culture-principles
No Border Checks for Fruit and Veg
The Department for Environment, Food & Rural Affairs has announced that incoming border checks on fruit and veg imported from the European Union will be scrapped.
The recent UK-EU trade deal included a Sanitary and Phytosanitary (SPS) agreement that will eliminate routine SPS border checks for food exports and imports between the UK and EU.
The agreement has not yet come into effect, however in an early move, the government have decided not to require checks on medium-risk fruit and vegetables that would otherwise have come into force this summer. Medium-risk fruit and vegetables include tomatoes, grapes, plums, cherries, peaches, and peppers.
This means that businesses will be able to carry on importing these items from the EU without being subject to fees or border checks.
The easement of checks, which would previously have ended on 1 July 2025, will now be extended to 31 January 2027. This extension should give time for the details of the new SPS deal to be negotiated and the deal enacted.
See: https://www.gov.uk/government/news/fruit-and-veg-import-checks-scrapped-ahead-of-uk-eu-deal
UK Beef Industry Boosted as BSE Risk Status Downgraded
The UK has received a major boost from the World Organisation for Animal Health (WOAH), which has officially recognised the country as having a negligible risk for Bovine Spongiform Encephalopathy (BSE) – the best possible status.
This change marks a significant moment for the UK’s farming and food industries. Following the BSE crisis in the 1980s, British beef exports suffered long standing bans. However, decades of commitment to animal health and biosecurity have now paid off with this new recognition of the UK’s improved risk status.
What the downgrade means
- New trade opportunities: More international markets are expected to open up to UK beef and bovine products.
- Operational changes: Abattoirs and meat processors will benefit from changes to control measures, lowering their operational burden and unlocking financial savings.
- Added carcass value: As an example, the ability to recover mesenteric fat could generate around £10 million per year, according to the British Meat Processors Association.
Welcome news
The announcement has been welcomed by industry leaders and government departments alike, who view it as recognition of the UK’s world-leading standards in animal health, food safety, and disease prevention.
While the news is overwhelmingly positive, farmers and livestock keepers are reminded that BSE is still a notifiable disease. Any suspected cases must be reported immediately.
ICO is On the Move
The Information Commissioner’s Office (ICO) has announced that it will be relocating its head office to Manchester in the autumn of 2026. Their new office will be in the Circle Square development on Oxford Road.
The ICO’s head office has been in Wilmslow for the past 40 years, but with the current lease due to expire, ICO has been reviewing its options.
Moving to Manchester will put it nearer to universities and other organisations that work in data and could help with attracting new talent in the future.