The new National Cyber Security Centre [NCSC] is pitching itself to CEOs as a friendly government organisation which won't get the regulators involved after data breaches.
Those gathered this morning on the 18th floor of 125 London Wall heard one of the NCSC's deputy directors address CEOs on how they should lead their businesses' recovery from cyber attacks—and it was primarily by contacting NCSC, a part of GCHQ. [Government Communications Headquarters]
Peter Yapp, the deputy director for the incident management directorate, explained how his role worked: "If something [regarding a cyber incident and your company] breaks in the press, I'll get a call from someone in government," he said, and he would be expected to explain what the incident meant.
"If you haven't phoned me and told me about it, I will phone you," stated Yapp.
"It is worth telling me about the most serious incidents," he told his audience, acknowledging that these were difficult to define, before comforting them: "We do not tell the ICO [Information Commissioner's Office] what you tell us."
If the government doesn't know, and the public doesn't know, there's no problem.
(Score: 0) by Anonymous Coward on Friday October 14 2016, @12:26PM
We're onto you, mate.