Geo Focus: The United Kingdom
,
Geo-Specific
,
Governance & Risk Management
Agencies Sign Agreement to Boost Cooperation, Share Cyberthreat Information
The British data protection authority and national law enforcement agency signed onto a cyber risk information-swapping agreement with the aim of improving cyber defenses and increasing reporting.
See Also: Does Office 365 Deliver The Email Security and Resilience Enterprises Need?
Under the agreement signed Thursday, the National Crime Agency and the Information Commissioner’s Office will share cyberthreat assessments and information about incidents.
“Unfortunately we’ve seen cybercrime costing UK firms billions over the past years. That’s why it’s crucial that relevant bodies work together to boost the U.K.’s cyber resilience,” said Stephen Bonner, the ICO’s deputy commissioner for regulatory supervision.
The agreement will help organizations that are struggling to find support and guidance in the wake of a cyberattack, said Paul Foster, the NCA’s directorial head for cybercrime unit.
The agencies will share cyberthreat assessments and mainly anonymized and aggregated incident data over email and in a standing monthly meeting officials held to ensure the two agencies aren’t duplicating work.
The announcement of the agreement came loaded with exhortations for companies to disclose cyber incidents to authorities. It’s a myth that “it’s better to keep quiet,” the NCA said about hacking. “If attacks are covered up, it’s the criminals who benefit. Reporting not only protects your organization. It helps other victims too,” it said.
The ICO requires businesses and other organizations to report a cyber incident within 72 hours. The reporting obligations depend on the severity of the attack on the targeted systems and the number of affected customers. A survey published by the Department of Science, Innovation and Technology in April found widespread reluctance to report incidents, often from fear of fines or reputational damage (see: Half of UK Firms, Charities Failed to Report Cyber Incidents).
“One of the greatest problems the U.K. government has with organizations is under-reporting and a lack of synchronization with the existing reporting of cybercrime,” said Jordan Schroeder, managing CISO at Glasgow-based Barrier Networks. The issue is leads to a “very incomplete picture as to what companies have been affected, what the victims are and what is the extent of such attacks,” he said.
“The idea here is that it will improve reporting. It will improve the synchronization of information between regulatory bodies and law enforcement bodies,” Schroeder said.
The agencies said the information-sharing agreement also should strengthen responses to disruptive cyberattacks against its critical infrastructure. The initiative comes as high-profile attacks against essential services in the U.K. continue to occur.
These include an attack this month against Transport for London that caused payment difficulties for the city’s commuters and degraded service for a public transport service for wheelchair users and others with disabilities (see: Breach Roundup: Transport for London Still Feels Cyberattack).
A June ransomware attack on a British National Health IT service provider forced London hospitals to postpone at least 1,500 medical appointments (see: NHS Ransomware Hack: 1,500 Medical Appointments Rescheduled).