UK Government Publishes Draft Code of Practice on Cybersecurity Governance

3 months ago AndyC

Listen to this post

On January 23, 2024, the UK government

UK Government Publishes Draft Code of Practice on Cybersecurity Governance
Listen to this post

On January 23, 2024, the UK government announced that it published a draft Code of Practice on cybersecurity governance (the “Code”). The guidelines in the Code are intended to “help directors and senior leaders shore up their defences from cyber threats.” The Code has been designed in partnership with industry directors, cyber and governance experts, and the UK National Cyber Security Centre (NCSC), with a key focus to ensure that organizations have detailed plans in place to respond to and recover from any potential cyber incidents. While it is acknowledged that “there is no one size fits all approach to governing . . . cyber risk”, there are certain “common fundamental actions” that may be taken. The Code is presented in the form of five overarching principles with relevant actions underneath each principle. The principles are: (i) risk management; (ii) cyber strategy; (iii) people; (iv) incident planning and response; and (v) assurance and oversight.

The government is seeking views on the draft Code from all sectors and invites responses to be provided by March 19, 2024.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , ,

More Stories

CIPL Publishes Report on Enabling Beneficial and Safe Uses of Biometric Technology Through Risk-Based Regulations

CIPL Publishes Report on Enabling Beneficial and Safe Uses of Biometric Technology Through Risk-Based Regulations

3 days ago AndyC
CIPL Publishes White Paper on Leveraging Data Responsibly and a Holistic Data Strategy

CIPL Publishes White Paper on Leveraging Data Responsibly and a Holistic Data Strategy

4 days ago AndyC
New Bipartisan Federal Privacy Proposal Unveiled: American Privacy Rights Act

New Bipartisan Federal Privacy Proposal Unveiled: American Privacy Rights Act

5 days ago AndyC
EDPB Issues Opinion on Pay-Or-Consent Models

EDPB Issues Opinion on Pay-Or-Consent Models

6 days ago AndyC
UK ICO Launches Latest Installment in the AI Consultation Series

UK ICO Launches Latest Installment in the AI Consultation Series

2 weeks ago AndyC
Connecticut Attorney General Issues Report on Privacy Law Enforcement Priorities

Connecticut Attorney General Issues Report on Privacy Law Enforcement Priorities

3 weeks ago AndyC

You may have missed

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

4 hours ago AndyC
Targeted operation against Ukraine exploited 7-year-old MS Office bug

Targeted operation against Ukraine exploited 7-year-old MS Office bug

4 hours ago AndyC
Weekly Update 397

Weekly Update 397

4 hours ago AndyC
What Would a TikTok Ban Mean?

What Would a TikTok Ban Mean?

4 hours ago AndyC
Hackers may have accessed thousands of accounts on California state welfare platform

Hackers may have accessed thousands of accounts on California state welfare platform

22 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.