Groundbreaking Guidance Released by NCSC, CPNI, and BEIS to Bolster Information Security in Joint Venture Construction Initiatives.
In a pioneering move, cyber security specialists have united forces with government bodies to provide unprecedented guidance for construction firms engaged in major collaborative projects like HS2.
The Information Security Best Practice guide, jointly published by the National Cyber Security Centre (NCSC), the Centre for the Protection of National Infrastructure (CPNI), and the Department for Business, Energy and Industrial Strategy (BEIS), delivers tailor-made advice to fortify these firms against potential cyber threats and secure sensitive project data.
Joint ventures, often steering colossal projects like HS2 and Crossrail, now have a unique tool at their disposal to shield information from attackers. The collaboration between industry experts and government entities seeks to ensure the secure creation, storage, and sharing of data in such collaborative endeavours.
Sarah Lyons, Deputy Director for Economy and Society Resilience at NCSC, emphasised the national security implications of securing the vast amounts of data handled by joint ventures. She highlighted the significance of safeguarding information, not only for individual businesses but for the protection of crucial national infrastructure.
The guide, a product of collaboration between government and industry members, draws on the expertise of a NCSC-convened trust group. It incorporates insights from companies involved in major infrastructure contracts, offering a comprehensive approach to improving physical, personnel, and cyber security in an era where global threats, including ransomware, persist.
Business Minister Lord Callanan stressed the pivotal role of data and digital technology in fostering a more productive, competitive, and sustainable construction industry. He underlined the challenges posed by new technologies and affirmed that the collaborative guidance aims to fortify construction firms, ensuring secure information management for timely and secure project delivery.
The guidance outlines key steps for joint ventures to enhance information security, encompassing the establishment of governance and accountability structures, identification of personnel responsible for assessing security risks, understanding specific risks and regulatory requirements, and developing shared strategies to manage and mitigate risks holistically.
As the construction industry remains a prime target for online attackers globally, the collaboration between industry leaders and cybersecurity experts is set to bolster the sector's resilience. The Information Security Best Practice guide is lauded as a vital tool in elevating cybersecurity standards across the industry and educating stakeholders on measures required to combat evolving cyber threats.
Leaders in the construction sector, including Jon Ozanne, Chief Information Officer at Balfour Beatty, and Andy Black, Chief Information Security Officer at Sir Robert McAlpine, have welcomed the guidance, recognising its role in combating operational risks and raising standards in information security practices. The collaboration reflects a concerted effort to fortify the construction sector's defences in an increasingly sophisticated cyber threat landscape.
A message from our sponsors, The Ideas Distillery:
If you would like to look at how to implement an ISO 27001 information security management system, then simply contact us.
Or, if you want to see what's involved in more detail, then get a completely free, no obligation, totally tailored ISO Gap Analysis for your business (only available to UK businesses).
コメント