UK-based NCC Group, an IT company assessing and managing cyber threats, recently released the third edition of its Global Cyber Policy Radar report on cyber security regulation trends.
In 2024, the industrial sector experienced 1,424 ransomware attacks, up from 2023, making it the most targeted group. The attacks affected critical infrastructure and services, caused mass disruption, and led to significant downtime.
“Concerns about foreign access and control over critical infrastructure and data has resulted in a greater focus on domestic ownership and repatriating key supply chains,” Kat Sommer, NCC Group head of government affairs, said. “Together with enhanced oversight of critical infrastructure, these moves mark a notable shift to much more interventionist and protectionist regulatory regimes.
“In these uncertain times, managing cyber security risks is essential to organizations’ sustainable and profitable operations – regardless of mandatory requirements set by governments. Failure to invest in proactive cyber resilience programs not only puts future compliance at risk – given that many cyber rules, such as in the EU, are still in train – but will also hinder organizations’ resilience in the long-term.”
The report also examines recent policy developments and laws and regulations on the horizon. It spotlights operational technology regulation.