UK Government Publishes Draft Code of Practice on Cybersecurity Governance
Categories: Cybersecurity

On January 23, 2024, the UK government announced that it had published a draft Code of Practice on cybersecurity governance (the “Code”). The guidelines in the Code are intended to “help directors and senior leaders shore up their defences from cyber threats.” The Code has been designed in partnership with industry directors, cyber and governance experts, and the UK National Cyber Security Centre (NCSC), with a key focus on ensuring that organizations have detailed plans in place to respond to and recover from any potential cyber incidents. While it is acknowledged that “there is no one size fits all approach to governing . . . cyber risk”, there are certain “common fundamental actions” that may be taken. The Code is presented in the form of five overarching principles, with relevant actions underneath each principle. The principles are: (i) risk management; (ii) cyber strategy; (iii) people; (iv) incident planning and response; and (v) assurance and oversight.

The government is seeking views on the draft Code from all sectors and invites responses to be provided by March 19, 2024.
