Skrzewiak - stock.adobe.comNewsUKs Cyber Monitoring Centre begins incident classification workThe Cyber Monitoring Centre will work to categorise major incidents against a newly developed scale to help organisations better understand the nature of systemic cyber attacks and learn from their impactByAlex Scroxton,Security EditorPublished: 06 Feb 2025 17:18 The Cyber Monitoring Centre (CMC), a new UK-based project designed to independently declare and classify systemic cyber attacks using a unique classification scale with the objective of helping organisations understand the nature of systemic security incidents with widespread impacts, has formally begun its work.Initially a joint project between law firm Weightmans and insurer CFC, the CMCs objective is to declare and classify systemic incidents on a scale of one through five, where one is the least severe type of incident and five the most dangerous and disruptive. It was initially designed as an aid to the insurance industry, but the results of its work will be freely available to all security risk owners.It hopes to bring greater clarity and transparency to complex incidents, and help organisations better react to them and prepare for future ones.The risk of major cyber events is greater now than at any time in the past as UK organisations have become increasingly reliant on technology. The CMC has the potential to help businesses and individuals better understand the implications of cyber events, mitigate their impact on peoples lives, and improve cyber resilience and response plans, said CMC CEO Will Mayes.When a systemic incident defined by the CMC as one with a financial impact greater than 100m, affecting multiple organisations, and where there is data or information available to enable assessments the CMCs Technical Committee, which is led by former National Cyber Security Centre (NCSC) chief executive Ciaran Martin, will measure key factors against the CMCs core framework to make an effective judgement as to the incidents classification.These factors are:External polling on an incident, for which it is partnering with the Office for National Statistics (ONS) and the British Chambers of Commerce;Observable technical indicators and incident data drawn from, for example, news reports, NHS or ONS data, and partnerships with third parties such as risk analytics house Parametrix, among others;And modelling against previous incidents, such as 2024s CrowdStrike outage, and through conversations with individuals involved in the incident, such as victims, incident response and cyber forensics teams, lawyers, insurance claims handlers and industry bodies. I have no doubt the CMC will improve the way we tackle, learn from, and recover from cyber incidents. If we crack this, and Im confident that we will, it could be a huge boost to cyber security efforts Ciaran Martin, Cyber Monitoring CentreThe CMC said the target timeframe to categorise an event against these criteria will be 30 days, although this is not set in stone. Each published categorisation will be supported by an event report that will summarise the committees analysis and provide additional insights from its work.Committee chair Martin said that up to now, measuring the severity of cyber security incidents had been a big challenge.This could be a huge leap forward [and] I have no doubt the CMC will improve the way we tackle, learn from, and recover from cyber incidents. If we crack this, and Im confident that we will, ultimately it could be a huge boost to cyber security efforts not just here but internationally too, he said.Mayes added: I would also like to acknowledge the support from a wide range of world-leading experts who have contributed so much time and expertise to help establish the CMC, and continue to provide data and insights during events. Their ongoing support will be vital and we look forward to adding further expertise to our growing cohort of partners in the months and years ahead.Read more about cyber incident responseWhat goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership?Organisations need to take a focused approach to gain visibility into targeted threats for cyber-risk mitigation and incident response.The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence.In The Current Issue:Forrester: Why digitisation needs strong data engineering skillsLabours first digital government strategy: Is it dj vu or something new?Download Current IssueWhy are we waiting? Cliff Saran's Enterprise blogData Engineering - Patronus AI: Building robust evaluation frameworks for AI accuracy CW Developer NetworkView All Blogs