The Information Commissioner’s Office (ICO) and the National Crime Agency (NCA) are collaborating to enhance support for UK organizations affected by cyber attacks.
The UK’s data protection authority has entered into a memorandum of understanding (MoU) with the NCA, which lays out a commitment from both organizations to assist UK entities in safeguarding themselves against cyber criminals who exploit data.
Key provisions of the MoU include a commitment from the NCA that it will “never disclose information shared in confidence” by an organization to the ICO without obtaining prior consent. Additionally, the ICO has pledged to aid the NCA by providing information on cyber attacks in an “anonymised, systemic, and aggregated” manner, thereby enhancing the NCA’s understanding of the UK cyber threat landscape.
In a joint statement, both the ICO and NCA expressed their intention to coordinate their efforts during cyber incidents, aiming to reduce disruption to organizations as they work to contain and mitigate damage. They also emphasized their partnership’s goal of fostering continuous learning, delivering consistent guidance, and elevating standards related to cyber issues.
Both parties aim to ensure that organizations receive clearer instructions on reporting cyber crime incidents and feel “empowered” to report them promptly.
Stephen Bonner, deputy commissioner for regulatory supervision at the ICO, highlighted the importance of this collaboration in response to the financial burden cyber crime places on UK businesses. “Cyber crime has cost UK firms billions in recent years,” he noted. “It is essential that relevant institutions unite to enhance the UK’s cyber resilience. This new MoU builds upon our ongoing relationship with the NCA and aims to raise cyber security standards, while respecting one another’s responsibilities.”
Paul Foster, deputy director of the NCA and head of the National Cyber Crime Unit, noted that the partnership with the ICO will strengthen the NCA’s existing initiatives. “The NCA coordinates a comprehensive response to cyber crime, targeting cyber criminals and bringing them to justice whenever possible,” he stated. “Organizations facing imminent threats or those that have already fallen victim require support and guidance, and we are committed to working closely with our partners to provide that assistance.
“We are excited to formalize this commitment with the ICO; this agreement represents our shared objective of creating and maintaining a secure and resilient cyber environment for all,” Foster concluded.