Categories: increasing regulatory & legislative requirements
Spotlight: ISO 31700 standard – Protecting the consumer with privacy by design
The ISO 31700 standard focused on privacy by design for consumer goods and services came into effect on 8 February 2023. Stephen Bailey, Global Privacy Services practice lead at NCC Group shares thoughts on how this could help in the world of consumer protection.
NCC Group welcomes UK Government response to Computer Misuse Act review, but urges timeline clarity
As the UK Government publishes its long-awaited response to a Call for Information on the Computer Misuse Act 1990 (CMA), NCC Group’s Group Head of Strategy and Public Affairs Kat Sommer highlights the key points and what we need to see next.
Swiss financial regulator, FINMA, adopts ‘Resilience by Design’
Last month, the Swiss Financial Market Supervisory Authority, FINMA, published a revised circular on operational risks and resilience at banks. Here, we break down the key points to be aware of.
EU adopts landmark IT resilience laws – a look at the Digital Operational Resilience Act (DORA)
Duncan McDonald, Global Head of Compliance Services at NCC Group digs into the detail on DORA, what’s involved with the new regulation, who it will impact and how it will interact with the existing EU framework.
Spotlight on NIS2 and NIS: Regulating the cyber security of critical infrastructure across the EU & the UK
Mick Flitcroft, Global Lead for Government Compliance Services, NCC Group, explores the similarities and differences between the UK and EU’s approach to regulating the cyber security of critical infrastructure and what they mean in practice
The scale and threat of Ransomware: UK Parliament Committee invites NCC Group’s Ollie Whitehouse to give evidence
This week, NCC Group’s Global CTO, Ollie Whitehouse was called as an expert witness to the UK Parliament Joint Committee on the National Security Strategy’s inquiry into ransomware.
What does the EU-US Trans-Atlantic Data Privacy Framework mean for organisations?
Stephen Bailey, Global Privacy Services practice lead at NCC Group shares a useful summary of the new European Union & United States data privacy network – the Trans-Atlantic Data Privacy Framework and what it means for organisations and individuals.
Welcoming the EU Cyber Resilience Act: a more secure digital future for Europe
Jameson Hyde, Technical Director at NCC Group, shares thoughts on proposals for the EU Cyber Resilience Act and what they mean for the increased security and safety of our connected future.
Spotlight on APRA’s Operational Risk Management Standard
The financial sector is evolving at pace as organisations onboard new tech, and while exciting, these changes come with an increased risk of supplier failure, service deterioration and concentration risk. The latest in a series of new regulations is the Australian Prudential Regulation Authority’s (APRA) standard, released in October 2022.
Driving a new future for autonomous vehicle technology
Following the UK’s Department for Transport (DfT) launching its vision for rolling out autonomous vehicles on the road by 2025, Liz James, a senior security consultant specialising in intelligent mobility and transport technology, delves into the interconnected nature of cyber security and physical safety of autonomous vehicles.
NCC Group appointed as global auditor for GSMA Network Equipment Security Assurance Scheme (NESAS)
We are delighted to announce our recent appointment as one of only two global auditors for the GSMA Network Equipment Security Assurance Scheme (NESAS)
Reserve Bank of India issues direction on outsourcing of IT services
We share our thoughts on the Reserve Bank of India’s (RBI) Master Direction to set out a risk management framework for the outsourcing of IT services.
NCC Group welcomes expansion of Australia’s Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework
Having supported with the creation of the original CORIE framework and pilot launch in 2021, Tim Dillon, our Director of Professional Services in the Asia Pacific region, has been acknowledged for his contribution and shares his reaction to the updated framework.
Protecting our data: UK Government publishes Data Protection and Digital Information Bill
In July this year, the UK Government published its newly reformed data protection bill, the Data Protection and Digital Information Bill, aiming to improve upon previous regulations and simplify the UK’s data protection landscape. Stephen Bailey, Global Privacy Services practice lead at NCC Group, provides his thoughts on the Bill
NCC Group joins UK Cyber Security Council
Our membership of the UK Cyber Security Council, (the government-backed chartered body representing the UK’s cyber security profession), will see us work alongside The Council and other members, to develop and promote nationally recognised standards for cyber security, in support of the UK Government’s National Cyber Strategy.
Banking on resilience: Bank of England proposes new rules for financial sector cyber resilience
Following proposals from the Bank of England focused on outsourcing and third-party risk management, NCC Group outlines what the new rules set out to achieve, how they could impact financial services providers, and next steps to enhance the guidance.
Spotlight on Canada’s approach to managing third party risk in the finance sector
Following the call for input from the Canadian Office of the Superintendent of Financial Institutions (OSFI), on the way financial institutions manage third-party risk, John Boruvka, Vice President, Sales - US for NCC Group Software Resilience, provides an overview of the key points to note.
What does the new appointment of a Minister for Cyber Security mean for Australia?
In a sign that the new Labor Government in Australia is set to prioritise cyber security, Prime Minister Anthony Albanese has appointed Clare O’Neil as the new Minister for Cyber Security. This marks the first time the Australian Government has had a dedicated minister for cyber.
Securing cyber-physical infrastructure
Charly Davis, Head of Industrials at NCC Group shares thoughts on some of the key areas of the UK’s Government proposed vision for how national cyber-physical infrastructure could accelerate innovation across the UK.