The National Cyber Security Centre (NCSC) and the Information Commission Office (ICO) have clarified their roles in relation to breaches of cyber security.  NCSC manages cyber incidents at a national level to prevent harm being caused to both victims and the UK overall. It helps manage the response at a governmental level and seeks to ensure that lessons are learned to help deter future attacks. The ICO is the independent regulator for enforcing and monitoring data protection legislation and the competent authority for Digital Service Providers under the Network and Information Systems (NIS) Directive. The ICO is the first port of call for organisations who have suffered a breach of cyber security. Read more

The UK’s data protection authority, the ICO, has announced twice in two days this week that it proposes to levy significant fines on organisations for breaches of the General Data Protection Regulation (GDPR), which took effect in May 2018. First it announced that it intends to fine British Airways some £183 million for a data … Read more