UK Companies Fear Reporting Cyber Incidents, Parliament Told

Swathes of the British private sector are reluctant to report cybersecurity incidents to law enforcement for fear of regulatory fallout, U.K. lawmakers heard during a parliamentary hearing on ransomware.카지노사이트

Businesses that experience a breach of personal data and online service providers undergoing a substantial cyberattack must report incidents to the Information Commissioner’s Office within 72 hours.

The possibility of regulatory consequences to disclosing incidents drives a wedge between businesses and law enforcement, said Jayan Perera, head of cyber response at London-based Control Risks while testifying Monday before Parliament’s Joint Committee on National Security Strategy.

“The fear may not be that law enforcement will come and slap the handcuffs on them,” Perera told the committee. Rather, they fear that calling police during a cyber incident “will then lead to, you know, some other broader fallout in terms of the regulatory environment.”

Reporting that allowed businesses to anonymously disclose incidents would result in more data, he suggested. If “it wasn’t sort of handing themselves in to say that we’ve made a mistake, that perhaps there would be more sharing there.”바카라사이트

Perera wasn’t the only one during the hearing to suggest that companies are punished for disclosure.

“The comment is also made … that the Americans tend to support their businesses, whereas the other comment also made is that the U.K. tends to find fault when someone gets into trouble,” said Lilian Neville-Jones, a Conservative member of the House of Lords.

“I think there’s a dimension of British culture here,” responded Ollie Whitehouse, chief technical officer, NCC Group, a Manchester-based cybersecurity consulting firm. But he contested Neville-Jones’s characterization. “Things get mobilized, and support is provided,” he said.

Monday’s hearing was the first evidence session for the committee’s inquiry into ransomware, which is currently accepting inputs from industry stakeholders on matters ranging from the scope and extent of ransomware attacks to developing a U.K.- wide response.

The committee is expected to hold more hearings in the coming months.

A recent report by the National Cyber Security Agency revealed ransomware remains the biggest cybersecurity threat, with United Kingdom witnessing this year alone 18 attacks with national-level coordination to mitigate the malware from its critical infrastructure systems온라인카지노

Similar Posts

Leave a Reply

Your email address will not be published.