New framework for cyber attack reporting introduced
The National Cyber Security Centre (NCSC) has announced it will now work closely with law enforcement agencies to defend against growing cyber threats.
Calling it “a step-change in how intelligence experts align with law enforcement”, the NCSC made the announcement at its flagship conference CYBERUK 2018 in Manchester.
Explaining that it has responded to more than 800 significant incidents since October 2016, the NCSC said incident responders will now classify attacks into six specific categories, rather than the previous three.
The changes are being introduced to improve consistency around incident response and better use of resources, which should ultimately lead to more victims receiving support.
Paul Chichester, NCSC director of operations, said: “This new joint approach, developed in partnership with UK law enforcement, will strengthen the UK’s ability to respond to the significant, growing and diverse cyber threats we face.
“The new system will offer an improved framework for dealing with incidents, especially as GDPR and the NIS Directive come into force shortly. Individual judgements will of course still be applied to respond to incidents as necessary.”
According to the NCSC, information processed by the new framework will be used to generate the most comprehensive national picture yet of the cyber threat landscape. It is intended to span the full range of incidents, from national crises to cyber attacks on individuals.
The incident category definitions give increased clarity on response mechanisms for incidents by identifying what factors would happen to activate a specific classification, which organisation responds and what actions they would take.
Ollie Gower, deputy director at the National Crime Agency, said that the new framework will ensure the organisations are using the same language to describe and prioritise cyber threats, which will help them deliver “an even more joined up response”.
He added that he hoped businesses “will be encouraged” to report any cyber attacks.
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.