The government is seeking to improve the ability of British businesses to resist the increasing number of cyber attacks directed against them.

The government is therefore proposing new laws that will improve security standards in outsourced IT services used by almost all UK businesses.

It proposes that any firms providing essential digital services should follow strict cyber security duties, with large fines for non-compliance. Other legislative proposals include improved incident reporting and driving up standards in the cyber security profession.

Cyber resilience

It comes after the British government last month published its National Cyber Strategy, designed to ensure the country has the necessary means to defend itself in cyberspace.

That strategy aims to reinforce the UK’s economic and strategic strengths in cyberspace, including more diversity in the workforce.

And now the government is proposing new laws to improve security standards.

One of these additional proposal concerns the independent UK Cyber Security Council, which regulates the cyber security profession.

The government believes the Cyber Security Council needs additional powers to raise the bar and create a set of agreed qualifications and certifications, so those working in cyber security can prove they are properly equipped to protect businesses online.

The government points to high profile cyber attacks such as SolarWinds and on Microsoft Exchange Servers which highlighted the vulnerabilities in third-party products and services used by businesses, which in turn can be exploited by cybercriminals and hostile states, affecting hundreds of thousands of organisations at the same time.

And of course there is the ever increasing ransomware scourge, which in 2021 crippled critical infrastructure in the United States such as the Colonial Pipeline attack in the US.

Indeed, so serious was that attack that the US government engaged emergency powers and US President Joe Biden received “personal briefings” about it. And the attack dominated the face-to-face meeting in June 2021 between Biden and Russia’s President Vladimir Putin.

The US government is thus now forcing all federal agencies to ensure their IT systems are running the latest patches, and the British are looking to follow suite.

Criminals, hostile states

“Cyber attacks are often made possible because criminals and hostile states cynically exploit vulnerabilities in businesses’ digital supply chains and outsourced IT services that could be fixed or patched,” noted Minister of State for Media, Data, and Digital Infrastructure, Julia Lopez.

“The plans we are announcing today will help protect essential services and our wider economy from cyber threats,” said Lopez.

“Every UK organisation must take their cyber resilience seriously as we strive to grow, innovate and protect people online,” she said. “It is not an optional extra.”

To make the UK more secure and help prevent these types of attacks the government is aiming, through new legislation, to take a stronger approach to getting at-risk businesses to improve their cyber resilience as part of its new £2.6 billion National Cyber Strategy, introduced in December 2021.

This week the Government has proposed updating the Network and Information Systems (NIS) regulations, which came into force in 2018 to improve the cyber security of companies which provide essential services such as water, energy, transport, healthcare and digital infrastructure.

Organisations which fail to put in place effective cyber security measures can be fined as much as £17 million.

Page: 1 2

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Google Must Face Trial In Ad Tech Monopoly Case

Google loses bid for summary judgement as judge says 'too many facts in dispute' as…

3 hours ago

Silicon In Focus Podcast: Feeding the Machine

Learn how your business can meet the challenges associated with managing data across multiple platforms…

3 hours ago

Apple, Meta Likely To Face EU Antitrust Charges

Apple, Facebook parent Meta reportedly likely to face EU antitrust charges before August under new…

3 hours ago

Adobe Shares Jump On AI Success

Adobe shares post biggest gains in more than four years after it reports user take-up…

4 hours ago

Winklevoss’ Gemini To Pay $50m In Crypto Fraud Settlement

Winklevoss twins' Gemini Trust to pay $50m to settle cypto fraud claims over failed Gemini…

4 hours ago

Meta Delays EU AI Launch After Privacy Complaints

Meta delays Europe launch of AI in Europe after user, privacy group complaints over plans…

5 hours ago