View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 13, 2023

ICO and NCSC sign a memorandum of understanding

The NCSC's chief says the interagency accord will augment its existing relationship with ICO and "boost the UK's digital security."

By Claudia Glover

The UK Information Commissioner’s Office (ICO) and the National Cyber Security Centre (NCSC) have signed a joint Memorandum of Understanding (MoU) setting out how both organisations will cooperate in the aftermath of major cyber incidents. Announced yesterday by the ICO, the agreement contains a commitment from the NCSC that it will never share information with the commissioner’s office shared in confidence by a third party unless it has permission from that organisation to do so.

According to chief executive of the NCSC Lindy Cameron, the organisation’s new memorandum of understanding with the UK’s Information Commissioner’s Office will provide both “with a platform and mechanism to improve cybersecurity”. (Photo by Mehaniq/Shutterstock)

Under the new MoU, the ICO will also incentivise proactive engagement by businesses with the NCSC on all things cybersecurity. This will include exploring how the commissioner’s office can “transparently demonstrate that meaningful engagement with the NCSC will reduce regulatory penalties” for breached businesses. The ICO has also committed to sharing information with the NCSC about cyberattacks “on an anonymised and aggregate basis”, though this will extend to incident-specific details, it added, when “the matter is of national significance”.

“We already work closely with the NCSC to offer the right tools, advice and support to businesses and organisations on how to improve their cybersecurity and stay secure,” said ICO commissioner, John Edwards in a statement. “This Memorandum of Understanding reaffirms our commitment to improve the UK’s cyber resilience so people’s information is kept safe online from cyberattacks.”

From a business perspective, the new agreement between the ICO and NCSC will help businesses to work together with regulators rather than fight them, said Secura CEO Andy Kays, a UK-based threat detection and response business.

“Everyone in cybersecurity agrees that organisations need to be more open and honest about breaches,” said Kays, in a statement. “We know that they happen, but when an organisation hides a breach, it always results in worse outcomes for them, their partners, and their customers. Being transparent is the best way for everyone to learn about, and learn from, major incidents.”

Read more: ICO publishes guidance on use of biometric data in the UK

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.