CYBERUK19: NCSC and ICO Clarify Roles to Assist Incident Response

Infosecurity Magazine | April 26, 2019

CYBERUK19: NCSC and ICO Clarify Roles to Assist Incident Response
The UK’s National Cyber Security Centre (NCSC) and regulator the Information Commissioner’s Office (ICO) have agreed to clarify their roles and improve coordination, in a move designed to make it easier for breached organizations to reach out to the right body. At the CYBERUK conference in Glasgow yesterday, the two set out their distinct roles and responsibilities. GCHQ body the NCSC is tasked with dealing with incidents of “national importance” and is on hand to help victim organizations in the immediate aftermath of an attack to better understand the incident. Although it will encourage organizations to meet their requirements under the GDPR and NIS Directive, its free advice will be given confidentially, with no information shared with GDPR regulator the ICO without seeking consent first. The ICO will then be on hand to help organizations take the right steps to mitigate any risks to individuals’ data, and ensure a proper investigation is set up and that legal responsibilities are met.

Spotlight

DATA SECURITY POLICY. Risk Management Practice Guide of Lawyers Mutual. LAWYERS I LIABILITY INSURANCE COMPANY OF MUTUAL NORTH CAROLINA. INTERNAL THREAT 1. accidental deletion or dissemination of client's files 2. downloading malware or virus 3. exposing server and client files SECURITY AUDIT. Install virus protection software VISITOR & CONTRACTOR PROTOCOL Can office visitors or contractors access secure data PROTOCOL FOR EMPLOYEES LEAVING. If employee is leaving, lock down the data  OFFICE COMPUTERS & SERVERS Create an acceptable use policy for the workplace.

Related News

DATA SECURITY

Launching BlackBerry Jarvis 2.0, BlackBerry to Address Global Embedded Cybersecurity Landscape

BlackBerry | July 27, 2021

BlackBerry Limited (NYSE: BB; TSX: BB) has announced the release of the latest edition of the company's flagship software composition analysis tool, BlackBerry Jarvis 2.0. A SaaS version of the original Jarvis capabilities is introduced in the BlackBerry Jarvis 2.0. This provides integrators and developers a more focused and user-friendly feature set around the three most important areas, which those building mission-critical applications want to authenticate to confirm the superiority of their multi-tiered software supply chain; Common Vulnerabilities and Exposures (CVE), Open-source Software (OSS), and Software Bill of Materials (SBOM) management. In addition, to empower teams to keep software protected from all known concerns based on the illegal intelligence BlackBerry Jarvis 2.0 provides, the online end-user dashboard of the tool has also been improved with detailed restraints and advisory flags. Designed to address the growing cybersecurity threats and increasing complexity among multi-tiered software supply chains within the automotive, medical, and aerospace industries, BlackBerry Jarvis 2.0 permits OEMs to examine the attribution of their code and every single software quality that comes into their complete supply chains to confirm their products are both safe and modernized with the most modern security reinforcements. BlackBerry Jarvis 2.0 addresses the need to identify and remediate vulnerabilities by identifying them, then providing deep, actionable insights in minutes – something that would otherwise involve manually scanning that would take large numbers of experts and an impractical amount of time. About BlackBerry BlackBerry offers intelligent security software and services to governments and enterprises globally. Including 195M vehicles, The Company secures more than 500M endpoints. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of safety and data privacy solutions, cybersecurity and is a leader in the areas of endpoint management, endpoint security, embedded systems, and encryption.

Read More

New Zealand stock exchange hit by cyber attack for second day

theguardian | August 26, 2020

New Zealand’s stock market has been interrupted by an apparent overseas cyber attack for the second day running. The Wellington-based NZX exchange went offline at 11.24am on Wednesday and although some connectivity was restored for investors, some trading was halted. The NZX said it had experienced “network connectivity issues” and that the NZX main board, NZX debt market and Fonterra shareholders market were placed on halt. However it then announced that those areas would resume trading with the rest of the market at 3pm on Wednesday.

Read More

DATA SECURITY

Credence Security, a Leading Cybersecurity and Digital Forensics Value-Added Distributor, has Launched a New Partner Portal

CREDENCE SECURITY | June 03, 2021

The demand for leading cybersecurity and digital forensics solutions is higher than ever. For over 20 years, Credence Security, a PAN-EMEA specialty distributor, has led in these areas along with governance, risk, and compliance, based in Dubai and regional presence in Johannesburg, London, Nairobi, New Delhi, and Saudi Arabia. Credence Security provides cybersecurity and digital forensics solutions to both public and private sector enterprises through a select network of specialist resellers. In exciting news from the company, in response to its continued rapid growth, Credence Security recently announced the launch of its new Credence Security Partner Portal, which will enable easier deal registration, better tracking of opportunities, and SPIFF programs, access to sales and marketing materials, and much more. This is expected to be a precious tool for the company's resellers. "Our channel partners are one of our most important relationships," commented Philip Cherian, Regional Channel Director. "We paid attention to our partner feedback and enhanced our Channel Partner Program and Partner Experience Portal, doubling down on our commitment to helping them succeed by continuing to invest in our Channel, tools, and infrastructure to support our partners across the region and make it even easier for them to do business with our vendors and us." Credence Security is built on the foundation of 4 focus pillars – Continuous Adaptive Risk and Trust Assessment, Data Protection and Governance, Digital Forensics and Incident Response and Identity, Payments, and Data Security. "The value delivered in all of these areas is something that continues to grow, both as technology advances, but also from the company making every effort to understand the challenges partners and clients face so they can be more effectively addressed," commented Moe Bux, Regional Sales Director. "This strategy has been a key component in Credence Security's success and continued value-added growth." The Credence Security Partner Portal launch arrives on the back of a record-breaking year for the channel team, which saw its best year across the channel in respect of: • Channel team growth • Overall revenue growth generated by our specialist resellers • Partner growth in both geographical as well as vertical expansion ABOUT CREDENCE SECURITY Established in 1999, Credence Security, a PAN-EMEA specialty distributor, is cybersecurity, forensics, governance, risk, and compliance. Unlike most other distributors, we take a consultative "value-add" solution approach; we collaborate with our partners and their customers to understand their needs, both from a technology and business perspective, and then work very closely with our partners to deliver tailor-made solutions. Working closely with globally recognized, award-winning vendors including AccessData, ESET, Entrust, Magnet Forensics, ZeroFox, and Trustwave, Credence Security provides best-in-class, Cybersecurity and Forensics technologies and solutions to protect organizations against advanced persistent threats, malicious adversaries, and internal malpractice.

Read More

Spotlight

DATA SECURITY POLICY. Risk Management Practice Guide of Lawyers Mutual. LAWYERS I LIABILITY INSURANCE COMPANY OF MUTUAL NORTH CAROLINA. INTERNAL THREAT 1. accidental deletion or dissemination of client's files 2. downloading malware or virus 3. exposing server and client files SECURITY AUDIT. Install virus protection software VISITOR & CONTRACTOR PROTOCOL Can office visitors or contractors access secure data PROTOCOL FOR EMPLOYEES LEAVING. If employee is leaving, lock down the data  OFFICE COMPUTERS & SERVERS Create an acceptable use policy for the workplace.