New laws proposed to boost UK business cyber security

Government proposals would see more firms required to put better cyber security measures in place.

Martyn Landi
Wednesday 19 January 2022 17:19
(PA)
(PA)

New laws have been proposed that would help boost the UK’s resilience from cyber attack, following a rise in incidents targeting national infrastructure around the world.

The Department for Digital, Culture, Media and Sport (DCMS) has unveiled plans to bolster security standards across the country, including improving the way firms report cyber security incidents and setting new qualification standards for those working in the sector to ensure they’re properly equipped to do so.

The plans come in response to a number of recent high-profile cyber incidents, including the SolarWinds and Microsoft Exchange Servers attacks, which used vulnerabilities in third-party products used by businesses to impact thousands of businesses around the world.

Under its proposals, the Government said it wants to update the Network and Information systems (NIS) Regulations – which came into force in 2018 to improve the cyber security of companies that provide essential services such as water, energy, transport and healthcare by requiring them to put in place effective security measures.

The new laws would widen the regulations to include more third-party digital services, while the Government has also proposed requiring large firms to provide better cyber incident reports to regulators – including making it a requirement to notify them of any cyber attack they suffer, not just those which impact their services.

“Cyber attacks are often made possible because criminals and hostile states cynically exploit vulnerabilities in businesses’ digital supply chains and outsourced IT services that could be fixed or patched,” media, data and digital infrastructure minister, Julia Lopez, said.

“The plans we are announcing today will help protect essential services and our wider economy from cyber threats.

“Every UK organisation must take their cyber resilience seriously as we strive to grow, innovate and protect people online.

“It is not an optional extra.”

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in