The UK National Cyber Security Centre (NCSC) and the UK’s data protection regulator the Information Commissioner’s Office (ICO) have published a rare joint article dispelling several myths about cyberattack reporting to tackle the problem of unreported data breaches. The pair argued that, while businesses may be tempted to hide data breaches to avoid negative scrutiny, cybercriminals enjoy greater success when attacks are not reported.
In contrast, greater transparency and open discussion around cyberattacks is a positive for everyone, giving victims access to support and advice, sharing lessons learned to help improve awareness and cyber resilience, and breaking the cycle of crime to prevent others from falling victim. It’s also likely to be viewed more favourably by data protection regulators.