web analytics

UK ICO and NCA to Collaborate on Cyber Incident Preparedness – Source: www.databreachtoday.com

uk-ico-and-nca-to-collaborate-on-cyber-incident-preparedness-–-source:-wwwdatabreachtoday.com
Rate this post

Source: www.databreachtoday.com – Author: 1

Geo Focus: The United Kingdom
,
Geo-Specific
,
Governance & Risk Management

Agencies Sign Agreement to Boost Cooperation, Share Cyberthreat Information

Akshaya Asokan (asokan_akshaya) •
September 10, 2024    

UK ICO and NCA to Collaborate on Cyber Incident Preparedness
The U.K. National Crime Agency and the Information Commissioner’s Office will share more information on cyber incidents. (Image: Shutterstock)

The British data protection authority and national law enforcement agency signed onto a cyber risk information-swapping agreement with the aim of improving cyber defenses and increasing reporting.

See Also: Does Office 365 Deliver The Email Security and Resilience Enterprises Need?

Under the agreement signed Thursday, the National Crime Agency and the Information Commissioner’s Office will share cyberthreat assessments and information about incidents.

“Unfortunately we’ve seen cybercrime costing UK firms billions over the past years. That’s why it’s crucial that relevant bodies work together to boost the U.K.’s cyber resilience,” said Stephen Bonner, the ICO’s deputy commissioner for regulatory supervision.

The agreement will help organizations that are struggling to find support and guidance in the wake of a cyberattack, said Paul Foster, the NCA’s directorial head for cybercrime unit.

The agencies will share cyberthreat assessments and mainly anonymized and aggregated incident data over email and in a standing monthly meeting officials held to ensure the two agencies aren’t duplicating work.

The announcement of the agreement came loaded with exhortations for companies to disclose cyber incidents to authorities. It’s a myth that “it’s better to keep quiet,” the NCA said about hacking. “If attacks are covered up, it’s the criminals who benefit. Reporting not only protects your organization. It helps other victims too,” it said.

The ICO requires businesses and other organizations to report a cyber incident within 72 hours. The reporting obligations depend on the severity of the attack on the targeted systems and the number of affected customers. A survey published by the Department of Science, Innovation and Technology in April found widespread reluctance to report incidents, often from fear of fines or reputational damage (see: Half of UK Firms, Charities Failed to Report Cyber Incidents).

“One of the greatest problems the U.K. government has with organizations is under-reporting and a lack of synchronization with the existing reporting of cybercrime,” said Jordan Schroeder, managing CISO at Glasgow-based Barrier Networks. The issue is leads to a “very incomplete picture as to what companies have been affected, what the victims are and what is the extent of such attacks,” he said.

“The idea here is that it will improve reporting. It will improve the synchronization of information between regulatory bodies and law enforcement bodies,” Schroeder said.

The agencies said the information-sharing agreement also should strengthen responses to disruptive cyberattacks against its critical infrastructure. The initiative comes as high-profile attacks against essential services in the U.K. continue to occur.

These include an attack this month against Transport for London that caused payment difficulties for the city’s commuters and degraded service for a public transport service for wheelchair users and others with disabilities (see: Breach Roundup: Transport for London Still Feels Cyberattack).

A June ransomware attack on a British National Health IT service provider forced London hospitals to postpone at least 1,500 medical appointments (see: NHS Ransomware Hack: 1,500 Medical Appointments Rescheduled).

Original Post url: https://www.databreachtoday.com/uk-ico-nca-to-collaborate-on-cyber-incident-preparedness-a-26253

Category & Tags: –

Views: 1

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post

Joas Antonio
ChatGPT for Cybersecurity by Joas Antonio dos Santos – malwareanalysis #reverseengineering
ChatGPT for Cybersecurity by Joas...
CISO2CISO Notepad Series
How Can We Structure Cybersecurity Teams To Better Integrate Security In Agile At Scale?
How Can We Structure Cybersecurity...
OCCUPYTHEWEB
Linux Basics for Hackers by Occupytheweb
Linux Basics for Hackers by...
NIST
Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease
Digital Forensics and Incident Response...
Think Big Blog
Top 10 TED Talks to Learn about Cyber Security
Top 10 TED Talks to...
NCSC
NCSC Cyber Security for Small Business “SMEs” Guide.
NCSC Cyber Security for Small...
Marcos Jaimovich
The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.
The Silent Spectre Haunting Your...
Marcos Jaimovich
Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?
Goodbye to Traditional: Why Conventional...
Marcos Jaimovich
Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich
Why do we compare a...
Joas Antonio
Security Operations Center (SOC) – Tools for Operations Development by Joas Antonio
Security Operations Center (SOC) –...
IZZMIER
Incident Response Playbooks & Workflows Ready for use in your SOC & Redteams
Incident Response Playbooks & Workflows...
LOGPOINT
396 Use Cases & Siem Rules Code ready for use for Mitre Attacks Events Detection in Your SOC by Logpoint
396 Use Cases & Siem...

LASTEST PUBLISHED POSTS

Google Cloud
Board of Directors Handbook for Cloud Risk Governance
Board of Directors Handbook for...
ISACA
Blueprint for Ransomware Defense
Blueprint for Ransomware Defense
Shaurya Rawal
Blockchain Security
Blockchain Security
RISK academy
BEST RISK MANAGEMENT PROMPTS FOR CHATGPT
BEST RISK MANAGEMENT PROMPTS FOR...
IGNITE Technologies
Best Alternative of Netcat
Best Alternative of Netcat
aws
AWS Security Incident Response Guide
AWS Security Incident Response Guide
DevSecOps Guide
Attacking Rust
Attacking Rust
DevSecOps Guide
Attacking Pipeline
Attacking Pipeline
DevSecOps Guide
Attacking Golang
Attacking Golang
HADESS
Assembly for Hackers
Assembly for Hackers
BIONIC
Application Security Posture Management
Application Security Posture Management
Wallarm
API ThreatStatsTM Report
API ThreatStatsTM Report

More Latest Published Posts

ChiefExecutive
Ciberseguridad: Prioridad Estratégica para los CEO.
Ciberseguridad: Prioridad Estratégica para los CEO.
CYBER SECURITY COALITION
CYBER SECURITY INCIDENT MANAGEMENT GUIDE
CYBER SECURITY INCIDENT MANAGEMENT GUIDE
INL/EXT
Cybersecurity for Distributed Wind
Cybersecurity for Distributed Wind
ARTIC WOLF
Cybersecurity Compliance Guide
Cybersecurity Compliance Guide
ESRAA MOHAMAD
ELEARN SECURITY CERTIFIED INCIDENT RESPONSE
ELEARN SECURITY CERTIFIED INCIDENT RESPONSE
DRAGOS
Impact of FrostyGoop ICS Malware on Connected OT Systems
Impact of FrostyGoop ICS Malware on Connected OT Systems
Victor Tong
Digital Operational Resilience Act – Control Mappings
Digital Operational Resilience Act – Control Mappings
ARMIS
DORA Resiliency Guide Strengthening Cybersecurity and Operational Resilience in the Financial Sector
DORA Resiliency Guide Strengthening Cybersecurity and Operational Resilience in the Financial Sector
IGNITE Technologies
Docker Penetration Testing
Docker Penetration Testing
IGNITE Technologies
Disk Group Privilege Escalation
Disk Group Privilege Escalation
Hiral Patel
Data LossPrevention(DLP)
Data LossPrevention(DLP)
Polygon
Digital identity – Deutsche Bank Corporate Bank
Digital identity – Deutsche Bank Corporate Bank
CSA Cloud Security Alliance
The Six Pillars of DevSecOps:Collaboration andIntegration
The Six Pillars of DevSecOps:Collaboration andIntegration
ASPIRE SYSTEMS
A complete guide toImplementingDevSecOps in AWS
A complete guide toImplementingDevSecOps in AWS
GAO
CYBERSECURITY PROGRAM AUDIT GUIDE
CYBERSECURITY PROGRAM AUDIT GUIDE
Apress
Demystifying Intelligent Multimode Security Systems An SystemsAn Edge-to-Cloud Cybersecurity Solutions Guide
Demystifying Intelligent Multimode Security Systems An SystemsAn Edge-to-Cloud Cybersecurity Solutions Guide
PWC
Data Privacy Handbook
Data Privacy Handbook
CERT-EU
DDoS Overview and Response Guide
DDoS Overview and Response Guide
IGNITE Technologies
Data Exfiltration Cheat Sheet
Data Exfiltration Cheat Sheet
CRC Press
Data Privacy for the Smart Grid
Data Privacy for the Smart Grid
New York State
Cybersecurity Program Template A resource to help individual licensees and individually owned businesses develop a cybersecurity program as required by New York State’s Cybersecurity Regulation 23 NYCRR Part 500
Cybersecurity Program Template A resource to help individual licensees and individually owned businesses develop a cybersecurity program as required by New York State’s Cybersecurity Regulation 23 NYCRR Part 500
Apress
Cyber Security on Azure An IT Professional’s Guide to Microsoft Azure Security
Cyber Security on Azure An IT Professional’s Guide to Microsoft Azure Security
CyberJA
ASSET IDENTIFICATION & CLASSIFICATION-A CRITICAL COMPONENT OF CYBER RISK MANAGEMENT
ASSET IDENTIFICATION & CLASSIFICATION-A CRITICAL COMPONENT OF CYBER RISK MANAGEMENT
SOSAFE
CybercrimeTrends 2024 The latest threats and security best practices
CybercrimeTrends 2024 The latest threats and security best practices
Routledge
Cyber Security Politics Socio-Technological Transformations and Political Fragmentation
Cyber Security Politics Socio-Technological Transformations and Political Fragmentation
Cigref
Surviving a Massive cyber-attack by Cigref
Surviving a Massive cyber-attack by Cigref
Hidaia Mahmood Alassouli
Common Windows, Linux and Web Server SystemsHacking Techniques
Common Windows, Linux and Web Server SystemsHacking Techniques
Splunk
SPLUNK® AND THE CIS CRITICALSECURITY CONTROLS Mapping Splunk Software to the CIS 20 CSC Version 6.0
SPLUNK® AND THE CIS CRITICALSECURITY CONTROLS Mapping Splunk Software to the CIS 20 CSC Version 6.0