New cyber incident framework in UK

UK National Cyber Security Centre (NCSC) has drawn up a new cyber incident framework, which classifies cyber incidents in six categories, up from previous three categories. A category one incident is a “national cyber emergency”, which causes sustained disruption to essential services or affects national security, leading to severe economic or social consequences, or loss of life. A category two incident is a “highly significant” incident which has a serious impact on central government or a large proportion of the population. Category three covers “significant” attacks which have a significant impact on a large organization or local government. Category four covers substantial incidents, while category five covers moderate incidents and category six covers localizes incidents. The aim of the new framework is to universalize the description and prioritization of cyber threats, in order to provide an effective, joined-up response to such threats.