News from the Wire

3rd global cyber policy report explores geopolitical climate in flux

Wednesday, April 09, 2025 — 16:18:27 (UTC)

Manchester, UK, April 9, 2025—NCC Group, a people-powered, tech-enabled global cyber resilience business, today released the third edition of its Global Cyber Policy Radar report into cyber security regulation trends. The report offers a unique insight into the regulatory changes and policy developments organizations need to be aware of. Drawing from NCC Group's work and insights as close advisors to governments, the report covers:

The laws and regulations on the horizon

Recent policy developments you need to know

A spotlight on operational technology (OT) regulation

The three questions to ask yourself in the months ahead

The geopolitical context has changed. We have no choice but to adapt to “the new normal”.

The report discusses how governments are moving to a war footing in cyberspace, presenting new challenges for nationally important businesses. Post the 2024 election cycle, the dust is still settling as governments are yet to set their national cyber strategies. Incident reporting requirements have grown considerably in their scale and complexity. NCC Group’s Global Cyber Policy Radar explores:

Will cyber rules be the exception in the global bonfire of regulations?

Has the era of global cooperation on AI safety come to an end?

How far down the supply chain will regulatory requirements and liability be pushed?

NCC Group head of Government Affairs, Kat Sommer, said: “As the dust from the 2024 election cycle settles, geopolitical turbulence is impacting global approaches to cyber security and cyber policy. Pivotal discussions around global trade are causing ripple effects on international relations, while governments look inwards to reinforce their national cyber defences.

“Concerns about foreign access and control over critical infrastructure and data has resulted in a greater focus on domestic ownership and repatriating key supply chains. Together with enhanced oversight of critical infrastructure, these moves mark a notable shift to much more interventionist and protectionist regulatory regimes.

“In these uncertain times, managing cyber security risks is essential to organizations' sustainable and profitable operations – regardless of mandatory requirements set by governments. Failure to invest in proactive cyber resilience programmes not only puts future compliance at risk - given that many cyber rules, such as in the EU, are still in train - but will also hinder organizations' resilience in the long term."

Spotlight on navigating Operational Technology (OT) regulation

In response to the surge in cyberattacks targeting operational technology (OT), policymakers are extending cyber rules to industrial organizations and implementing new, more stringent regulatory controls. According to NCC Group's threat intelligence report, the industrial sector was the most targeted group in 2024, experiencing 1,424 ransomware attacks, an increase from 2023. These attacks have caused mass disruption, affecting critical infrastructure and services, and leading to significant downtime. Insights from NCC Group’s Luc Manfredi and Ray Robinson, who have been at the forefront of OT and industrial control systems (ICS) cybersecurity for decades, highlight the severity of these attacks, role of regulation and the importance of robust security measures.

Download the report at www.nccgroup.com/uk/global-cyber-policy-radar/

Notice to readers: These are archived articles. Contact information, links and other details may be out of date. We regret any inconvenience.

Source: Company press release.

Categories: Reports and research