Cyber laws updated to boost UK바카라 사이트™s resilience against online attacks
Outsourced IT providers will be brought into scope of cyber regulations to strengthen UK supply chains.
- Changes will boost security standards and increase reporting of serious cyber incidents to reduce risk of attacks causing disruption
- Laws can be updated in the future to cover new organisations or sectors if they become vital for essential services
Essential everyday services, such as water, energy and transport, will be better protected from online attacks following changes to laws which set the UK바카라 사이트™s cyber security standards.
In response to a public consultation earlier this year, the government today confirms the Network and Information Systems (NIS) Regulations will be strengthened to protect essential and digital services against increasingly sophisticated and frequent cyber attacks both now and in the future.
The UK NIS Regulations came into force in 2018 to improve the cyber security of companies providing critical services. Organisations which fail to put in place effective cyber security measures can be fined as much as £17 million for non-compliance.
But high profile attacks such as Operation CloudHopper, which targeted managed service providers and compromised thousands of organisations at the same time, show the UK바카라 사이트™s cyber laws need to be strengthened to continue to protect vital services and the supply chains they rely on.
MSPs provide IT services such as security monitoring and digital billing and can have privileged access to their customer바카라 사이트™s IT networks. This makes them an attractive target for cyber criminals who can exploit MSP software vulnerabilities to compromise a wide range of clients.
The UK is able to change the NIS regulations, which were originally derived from the EU바카라 사이트™s NIS directive, because the UK has left the EU and can update these laws to better fit the country바카라 사이트™s cyber security needs.
Under the new changes MSPs, which are key to the functioning of essential services that keep the UK economy running, will be brought into scope of the regulations to keep digital supply chains secure.
Cyber minister Julia Lopez said:
The services we rely on for healthcare, water, energy and computing must not be brought to a standstill by criminals and hostile states.
We are strengthening the UK바카라 사이트™s cyber laws against digital threats. This will better protect our essential and digital services and the outsourced IT providers which keep them running.
The updates to the NIS regulations will be made as soon as parliamentary time allows and will apply to critical service providers, like energy companies and the NHS, as well as important digital services like providers of cloud computing and online search engines.
Other changes include requiring essential and digital services to improve cyber incident reporting to regulators such as Ofcom, Ofgem and the ICO. This includes notifying regulators of a wider range of incidents that disrupt service or which could have a high risk or impact to their service, even if they don바카라 사이트™t immediately cause disruption.
The new measures will give the government the power to amend the NIS regulations in future to ensure it remains effective. This change will allow more organisations to be brought into scope if they become vital for essential services and add new sectors which may become critical to the UK바카라 사이트™s economy.
The updated rules will allow regulators to establish a cost recovery system for enforcing the NIS regulations that is more transparent and takes into account the wider regulatory burdens, company size, and other factors to reduce taxpayer burden.
The Information Commissioner will be able to take a more risk-based approach to regulating digital services under the updated cyber laws and will be allowed to take into account how critical providers are to supporting the resilience of the UK바카라 사이트™s essential services.
These changes to legislation are part of the government바카라 사이트™s £2.6 billion National Cyber Strategy which is taking a stronger approach to getting at-risk businesses to improve their cyber resilience and making the UK digital economy more secure and prosperous.
Paul Maddinson, NCSC Director of National Resilience and Strategy, said:
I welcome the opportunity to strengthen NIS regulations and the impact they will have on boosting the UK바카라 사이트™s overall cyber security.
These measures will increase the resilience of the country바카라 사이트™s essential services 바카라 사이트“ and their managed service providers 바카라 사이트“ on which we all rely.
Carla Baker, Senior Director of Public Policy UK and Ireland, Palo Alto Networks, said:
Palo Alto Networks supports the development of an agile policy framework to reduce cybersecurity risks to our economy and society.
We welcome the opportunity to engage with the UK 바카라 사이트 as it reviews the legislation and develops guidance for industry to enhance cyber resilience and combat the risk that malicious actors pose to the UK바카라 사이트™s national security.
Notes to editors:
- DCMS is backing the country바카라 사이트™s powerhouse sectors to grow the economy and make a difference where people live.
- The digital sector contributes approximately £138 billion to the economy. There are 1,822,000 jobs in the sector - 250,000 more than in 2019 before the pandemic.
- Exports of services by the digital sector were worth £56 billion in 2020, which is around a fifth of the UK바카라 사이트™s total service exports.
- The full consultation response can be found here.
- There is more information in the .
- The work is part of the UK government바카라 사이트™s ambition to maintain the UK바카라 사이트™s position as a leading democratic and responsible Cyber Power, outlined through the 2022 National Cyber Strategy, which was published on 15 December 2021 and is backed with a £2.6 billion investment.