Pall Mall Process consultation on CCIC guidelines
Public Sector Action
Summary
Hide ▲
Show ▼
The Pall Mall Process entered a second phase to gather industry input on what responsible behavior should look like for commercial spyware and zero-day exploit providers. The UK and France launched the initiative in 2024, and 27 governments plus companies including Google, Microsoft, Apple and Meta have signed on. The planned guidelines will complement the existing Code of Practice for States and aim to curb irresponsible use of commercial cyber intrusion capabilities (CCICs). The effort matters because the CCIC market spans VRED, malware creation, C2, hacking-as-a-service, and access-as-a-service, giving governments and vendors a shared framework for limiting harmful use.
Related Happenings
CISA announces 2026 President’s Cup winners
Public Sector Action
H score16
First: 09.06.2026 15:00
Last: 09.06.2026 15:00
Sources 1
About this happening:
**CISA** announced the winners of the **seventh annual President’s Cup cybersecurity competition** on **June 9, 2026**. The federal contest ran from **January** through the **last...
CISA announces 2026 President’s Cup winners
Public Sector ActionAbout this happening: **CISA** announced the winners of the **seventh annual President’s Cup cybersecurity competition** on **June 9, 2026**. The federal contest ran from **January** through the **last...
GCHQ plans national cyber defense capability with agentic AI
Public Sector Action
H score21
First: 28.05.2026 12:30
Last: 28.05.2026 12:30
Sources 1
About this happening:
**GCHQ** has drawn up plans for a **world-first national cyber defense capability** built on **agentic AI** to detect and flag threats to **critical national infrastructure**, **a...
GCHQ plans national cyber defense capability with agentic AI
Public Sector ActionAbout this happening: **GCHQ** has drawn up plans for a **world-first national cyber defense capability** built on **agentic AI** to detect and flag threats to **critical national infrastructure**, **a...
ICO releases five-step AI cyber guidance
Public Sector Action
H score18
First: 14.05.2026 12:00
Last: 14.05.2026 12:00
Sources 1
About this happening:
The **UK Information Commissioner’s Office (ICO)** released a **five-step guide** urging organizations to prepare for **AI-powered cyber threats**, making it clear that stronger r...
ICO releases five-step AI cyber guidance
Public Sector ActionAbout this happening: The **UK Information Commissioner’s Office (ICO)** released a **five-step guide** urging organizations to prepare for **AI-powered cyber threats**, making it clear that stronger r...
UK Cyber Resilience Pledge pushes board-level security and supply-chain hardening
Defensive Guidance
H score33
First: 13.05.2026 12:05
Last: 13.05.2026 12:05
Sources 1
About this happening:
The **UK government's Cyber Resilience Pledge** will launch later this year, giving organizations a concrete set of steps to strengthen defenses and reduce supply-chain risk. It a...
UK Cyber Resilience Pledge pushes board-level security and supply-chain hardening
Defensive GuidanceAbout this happening: The **UK government's Cyber Resilience Pledge** will launch later this year, giving organizations a concrete set of steps to strengthen defenses and reduce supply-chain risk. It a...
UK government cyber resilience funding and pledge
Public Sector Action
H score25
First: 22.04.2026 17:10
Last: 22.04.2026 17:10
Sources 1
About this happening:
**UK government** announced **£90m ($120m)** in cybersecurity funding and a new **Cyber Resilience Pledge**, aiming to strengthen **national cyber resilience**. The initiative was...
UK government cyber resilience funding and pledge
Public Sector ActionAbout this happening: **UK government** announced **£90m ($120m)** in cybersecurity funding and a new **Cyber Resilience Pledge**, aiming to strengthen **national cyber resilience**. The initiative was...
Timeline
-
03.12.2025 12:35 2 articles · 7mo ago
Pall Mall Process enters second-phase industry consultation
Industry Or Public Sector UpdateThe Pall Mall Process, launched in 2024 by the UK and France with 27 governments and companies including Google, Microsoft, Apple and Meta, moved into a second phase to gather views from the offensive cyber industry on responsible behavior for commercial spyware and zero-day exploit providers. The planned guidelines are meant to complement the Code of Practice for States and address the broader CCIC ecosystem, including vulnerability research and exploit development (VRED), malware creation, command and control (C2), hacking-as-a-service, and access-as-a-service.
Show sources
- Pall Mall Process to Define Responsible Commercial Cyber Intrusion — www.infosecurity-magazine.com — 03.12.2025 12:35
- Pall Mall Process to Define Responsible Commercial Cyber Intrusion — www.infosecurity-magazine.com — 03.12.2025 12:35