The former National Cyber Security Centre (NCSC) Chief, Ciaran Martin, has expressed support for the UK government's Cyber Security and Resilience Bill, which adds a mandatory 72-hour deadline for reporting ransomware and other cyber incidents to the government. Martin views this as a positive move to encourage businesses to report incidents promptly, thus aiding in protecting critical infrastructure. The proposed regulations are expected to be similar to the Cyber Resilience Act of the European Union, emphasizing incident reporting, as well as patching and vulnerability disclosure
By promoting reporting, the government and law enforcement agencies can gather essential data to address cyber incidents effectively. Martin warns about underreporting by organizations due to concerns about reputation damage and fines, emphasizing the importance of providing support to cyber victims to ensure their cooperation. Additionally, Martin highlights the evolving threat landscape, particularly citing Chinese state-backed groups like Volt Typhoon that are now targeting Western critical infrastructure, posing significant risks. Collaboration between government and private entities is crucial to enhance the nation's security posture, focusing on long-term solutions, security by design, and improving defenses against cyber threats. ```https://www.bankinfosecurity.com/ex-ncsc-chief-uk-cyber-incident-reporting-good-step-a-26557