In March 2013, the UK government launched its consultation on cybersecurity standards (the “Consultation”) following the government’s recent announcement regarding a cybersecurity partnership initiative to facilitate information sharing on cyber threats.
Currently there are a number of different cybersecurity standards and guidance documents, and the government seeks to provide clarity to the private sector by endorsing one of the standards. The government states that the “call for evidence, and [the] subsequent selection of a preferred standard, will help companies identify what good cyber risk management looks like and select which organizational standard to invest in.”
The Consultation, inviting organizations to submit evidence in support of their preferred standard, is the latest initiative in the UK’s Cyber Security Strategy, published in November 2011, and follows a number of other recent European cybersecurity initiatives, including the European Commission’s proposed directive on cybersecurity and a proposed statutory framework in Germany for reporting cybersecurity incidents.
Organizations wishing to respond to the Consultation must contact firstname.lastname@example.org to provide the name of (1) the industry body or group of companies, and (2) the standard against which it intends to submit evidence. A submission relating to one organizational standard can then be made; it may be a new standard, an existing standard or one standard comprising of components of multiple existing standards.
The Consultation closes on October 14, 2013.