Cyber bytes - Issue 14
Welcome to Cyber_Bytes, our bi-weekly roundup of key developments in cyber, tech and evolving risks.
The ICO has issued further guidance on its regulatory approach during COVID-19, stating that it has reshaped its priorities for the coming months and will be focusing on six key aspects: (1) protecting vulnerable citizens (2) supporting economic growth and digitalisation (3) shaping proportionate surveillance (4) enabling good practice in AI (5) enabling transparency and (6) maintaining business continuity.
Whilst this means that some ICO projects are being paused, including the investigation into adtech bidding, the ICO has stated that it will be maintaining its statutory functions, including dealing with complaints and investigating data breach reports.
Click here and here to find out more.
NCSC responds to security and privacy fears about COVID-19 tracing app
The National Cyber Security Centre (NCSC) has addressed public fears around privacy and security when using the government's COVID-19 tracing app, which uses Bluetooth to alert a mobile user when they have spent more than 15 minutes within 6ft of someone who has tested positive for COVID-19 or experienced symptoms.
The NCSC has confirmed that the app doesn't store any personal information about users, holds only anonymous data and is built "as secure as practical". It is actively encouraging members of the public to download and use the app when it becomes available.
The ICO is also investigating the app, stating that it will be providing its comments "as quickly as possible so that they can be usefully included in the learnings from the trial.”
To read more, please click here and here.
Government warns of cyber security threat due to COVID-19
The government has warned that cyber criminals are actively targeting national and international organisations responding to COVID-19, including healthcare bodies, pharmaceutical companies, research organisations and various different arms of local government.
A joint statement has been issued by the UK's National Cyber Security Centre and the US Department of Homeland Security Cybersecurity and Infrastructure Security Agency, which provides an update on the methods that cyber criminals are using to target organisations and provides mitigation advice.
To read more, please click here. To read the joint statement by the UK and US cyber security centres, please click here.
NCSC report Suspicious Email Reporting Service results
The National Cyber Security Centre (NCSC) has published the initial results of its suspicious email reporting service, which allows members of the public to notify the NCSC of any suspicious emails that they have received. The results show that 160,000 emails have been reported in just over two weeks, which have resulted in more than 300 bogus websites being taken down.
To read more, please click here.
White paper published - quantifying cyber risks
The Department of Computer Science at Oxford University and AXIS Insurance have published a white paper which discusses a new model that aims to quantify cyber risks. The model estimates cyber risk, taking into account potential losses, probability of losses, and timeframes.
To read more, please click here.
Virtual cyber security classes online during Coronavirus Pandemic
The government has announced plans to keep the flow of new tech talent open during the COVID-19 pandemic. Cyber courses and modules are being offered online, for free.
To access some of the modules, please click here and here.
Greater Manchester Cyber Resilience Centre offers free membership for local businesses
The Cyber Resilience Centre for Greater Manchester is offering a three-month membership for local businesses of up to 100 employees to improve their cyber resilience during the COVID-19 outbreak - including tailored advice, regular cyber news updates and useful tools.
Click here to find out more.