Spotlight: ISO 31700 standard – Protecting the consumer with privacy by design
The ISO 31700 standard focused on privacy by design for consumer goods and services came into effect on 8 February 2023. Stephen Bailey, Global Privacy Services practice lead at NCC Group shares thoughts on how this could help in the world of consumer protection.
NCC Group welcomes UK Government response to Computer Misuse Act review, but urges timeline clarity
As the UK Government publishes its long-awaited response to a Call for Information on the Computer Misuse Act 1990 (CMA), NCC Group’s Group Head of Strategy and Public Affairs Kat Sommer highlights the key points and what we need to see next.
Swiss financial regulator, FINMA, adopts ‘Resilience by Design’
Last month, the Swiss Financial Market Supervisory Authority, FINMA, published a revised circular on operational risks and resilience at banks. Here, we break down the key points to be aware of.
Spotlight on NIS2 and NIS: Regulating the cyber security of critical infrastructure across the EU & the UK
Mick Flitcroft, Global Lead for Government Compliance Services, NCC Group, explores the similarities and differences between the UK and EU’s approach to regulating the cyber security of critical infrastructure and what they mean in practice
The scale and threat of Ransomware: UK Parliament Committee invites NCC Group’s Ollie Whitehouse to give evidence
This week, NCC Group’s Global CTO, Ollie Whitehouse was called as an expert witness to the UK Parliament Joint Committee on the National Security Strategy’s inquiry into ransomware.
What does the EU-US Trans-Atlantic Data Privacy Framework mean for organisations?
Stephen Bailey, Global Privacy Services practice lead at NCC Group shares a useful summary of the new European Union & United States data privacy network – the Trans-Atlantic Data Privacy Framework and what it means for organisations and individuals.
Welcoming the EU Cyber Resilience Act: a more secure digital future for Europe
Jameson Hyde, Technical Director at NCC Group, shares thoughts on proposals for the EU Cyber Resilience Act and what they mean for the increased security and safety of our connected future.
Spotlight on APRA’s Operational Risk Management Standard
The financial sector is evolving at pace as organisations onboard new tech, and while exciting, these changes come with an increased risk of supplier failure, service deterioration and concentration risk. The latest in a series of new regulations is the Australian Prudential Regulation Authority’s (APRA) standard, released in October 2022.
NCC Group appointed as global auditor for GSMA Network Equipment Security Assurance Scheme (NESAS)
We are delighted to announce our recent appointment as one of only two global auditors for the GSMA Network Equipment Security Assurance Scheme (NESAS)
Reserve Bank of India issues direction on outsourcing of IT services
We share our thoughts on the Reserve Bank of India’s (RBI) Master Direction to set out a risk management framework for the outsourcing of IT services.
NCC Group welcomes expansion of Australia’s Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework
Having supported with the creation of the original CORIE framework and pilot launch in 2021, Tim Dillon, our Director of Professional Services in the Asia Pacific region, has been acknowledged for his contribution and shares his reaction to the updated framework.
Protecting our data: UK Government publishes Data Protection and Digital Information Bill
In July this year, the UK Government published its newly reformed data protection bill, the Data Protection and Digital Information Bill, aiming to improve upon previous regulations and simplify the UK’s data protection landscape. Stephen Bailey, Global Privacy Services practice lead at NCC Group, provides his thoughts on the Bill