GCHQ’s National Cyber Security Centre (NCSC) has set out the cyber security protocols for construction joint ventures working on infrastructure projects.
The new Information Security Best Practice guide aims to help those in JVs keep sensitive data safe from attackers. It offers advice on how to securely handle the data they create, store and share in JV projects.
The guide sets out why information security matters for JVs and recommends approaches to manage the risks. The recommendations include:
- establishing information security governance and accountability within the JV and ensuring board level engagement;
- identifying staff to take responsibility for assessing specific information security risks and developing a shared information security strategy;
- understanding the specific risks and any regulatory requirements for the JV and deciding on a shared risk appetite; and
- developing and agreeing on a shared information security strategy to manage and mitigate the risks holistically. This includes physical, personnel and cyber risks.
The protocols proposed in the guidance document are recommended, but not mandatory.
Register for free and continue reading
This is not a paywall. Registration allows us to enhance your experience across Construction Management and ensure we deliver you quality editorial content.
Registering also means you can manage your own CPDs, comments, newsletter sign-ups and privacy settings.
Story for CM? Get in touch via email:
[email protected]
