NCSC advocates Security by Design at Launch of Third Annual Review today in London

The National Cyber Security Centre (“NCSC“) emphasised the need for security by design at the launch of its Annual Review 2019 in London this morning. Many legacy systems are “accidentally insecure”, noted NCSC CEO Ciaran Martin, but now we can see the major trends developing and plan strategically. The Secure by Design Code of Conduct … Read more

The encryption debate is far from ‘going dark’

Shortly after the release of the communiqué from the most recent ministerial meetings of the ‘Five Countries’ security alliance — Australia, Canada, New Zealand, the UK and the US — at the end of July, we warned that the issue of the use of, and access to, encrypted services and technologies ‘remains front of mind for … Read more

UK Government issues Call for Views on post-Brexit Cyber Security Certification

Last week, the Department for Digital, Culture, Media & Sport issued a Call for Views on the certification scheme currently anticipated by Regulation (EU) 2019/881 (the Cybersecurity Act) after Brexit. The closing date for responses is 15 October. In the issued document, the UK Government proposes to maintain “a close relationship with the EU on … Read more

EU adopts new sanctions framework targeting external cyber attacks

On 17 May, the EU adopted legislation which will enable it to impose sanctions against persons and entities who engage in cyber-attacks against the EU and its member states. The sanctions will be designed “to deter and respond to cyber-attacks with a significant effect which constitute an external threat to the EU and its Member … Read more