More than two thirds of companies say their directors have no training in responding to cyber-attacks, according to a government survey.
Of 105 businesses in the FTSE 350 questioned, one in 10 revealed they have no plan to cope with hacking, the BBC reports.
Digital Minister Matthew Hancock said May’s NHS attack showed the “devastating effect” of breaches.
He urged companies to take advice and training from the National Cyber Security Centre.
The Cyber Governance Health Check – an annual survey – found that 54 per cent of company boards said computer hacking was one of the main threats to their business.
But 68 per cent of them had no specific training to deal with a hacking incident.
The survey found some progress, however, with 31 per cent of boards receiving comprehensive information about computer security risks, compared to 21 per cent in 2015-16.
Mr Hancock said: “We have a long way to go until all our organisations are adopting best practice.”