Two thirds of bosses at Britain’s biggest businesses are not trained to deal with a cyber-attack a report by the government has found.

One in ten FTSE 350 companies revealed they operate without a response plan for a cyber incident.

Minister for Digital Matt Hancock is urging companies to take advice and training from the National Cyber Security Centre.

He said: “We have world leading businesses and a thriving charity sector but recent cyber-attacks have shown the devastating effects of not getting our approach to cyber security right.”

The FTSE 350 Cyber Governance Health Check is the Government’s annual report providing insight into how the UK’s biggest 350 companies deal with cyber security.

It found that 68 per cent of boards had not received specific training to deal with a cyber incident despite more than half (54 per cent) saying cyber threats were one of the main risks to their business.

The survey did find some progress, more than half of company boards are now setting out their approach to cyber risks, 53 per cent this year compared to 33 per cent last year, and more than half of businesses have a clear understanding of the impact of a cyber-attack.

Alex Dewdney, National Cyber Security Strategy Director for Engagement, said: “The NCSC is committed to making the UK the safest place in the world to live and do business online.

“We know that we can’t do this alone – everyone has a part to play. That’s why we’re committed to providing organisations with expert advice through our website and direct engagement.

“We also urge organisations to follow the guidance in the Government’s Cyber Essentials Scheme”