Britain's Cyber Security Laws Get Updated

Uploaded on 2022-12-16 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

Britian's cyber security laws will soon be updated and require outsourced IT providers to meet national security standards to protect supply chains, the Government has said. 

These rules already apply to UK companies providing critical services in a range of sectors including energy, water and transport, but will now bring outsourced firms into scope as well.

“Essential everyday services, such as water, energy and transport, will be better protected from online attacks following changes to laws which set the UK’s cyber security standards,” says the UK Government Dept. for Digital, Culture, Media & Sport (DCMS).

The Network and Information Systems (NIS) Regulations will be updated so third-party firms providing IT services to businesses will be compelled to have effective cyber security measures in place to protect them and their client’s data, with fines for non-compliance. 

The decision comes after a consultation and in the wake of increasing levels of cyber attacks targeting critical infrastructure in countries around the world as a way of inflicting substantial damage on entire nations. The Government said it has noted the increase in attacks, which also target supply chains as a way of compromising potentially thousands of organisations at the same time.

“The services we rely on for healthcare, water, energy and computing must not be brought to a standstill by criminals and hostile states,” says Julia Lopez the UKs Cyber Minister.

In November, the National Cyber Security Centre (NCSC), part of GCHQ, published its annual review, which said the cyber security threat to the UK has “evolved significantly” over the past year – with 18 cybersecurity incidents requiring a nationally co-ordinated response. These include attacks on an NHS supplier and a water utility company.

The Government said the updates to the regulations will be made as soon as parliamentary time allows, and will also include measures that require firms to improve cyber incident reporting to regulators.

Gov.UK:    Thomson Reuters:     Standard:    Indpendent:    Chard & Ilmister News:     

You Might Also Read:

Preventing Exploitation Of Digital Images Of Children:
 

« The Great Resignation
Ways Governments Can Better Protect Public Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Mimecast

Mimecast

Mimecast delivers cloud-based email management for Microsoft Exchange and Microsoft Office 365 including archiving, continuity and security.

Cyber Security Network

Cyber Security Network

Cyber Security Network provide specialist cyber security recruitment services.

Bit4id

Bit4id

Bit4id provides software and systems for security and identification based on PKI technology.

Exonar

Exonar

We enable organisations to better organise their information, removing risk and making it more productive and secure.

Phirelight Security Solutions

Phirelight Security Solutions

Phirelight empowers an enterprise to easily understand how their networks behave, while at the same time assessing and managing cyber threats in real time.

SecureKey Technologies

SecureKey Technologies

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.

Kratikal

Kratikal

Kratikal provides a complete suite of manual and automated security testing services.

WWPass

WWPass

WWPass is a global cybersecurity company that provides password-less authentication and client-side encryption technology.

PQShield

PQShield

PQShield are specialists in Post-Quantum Cryptography. We provide quantum-secure cryptographic solutions for software, software/hardware co-design and data in transit.

NINJIO

NINJIO

NINJIO is a leader in cybersecurity awareness training. View IT Security Awareness through a different lens - entertain and educate your users through storytelling.

KDM Analytics

KDM Analytics

KDM Analytics software products automate the NIST risk management framework (RMF) assessment for operational technology (OT) systems.

Crowe

Crowe

Crowe is a public accounting, consulting, and technology firm that combines deep industry and specialized expertise with innovation.

Lucidum

Lucidum

The Lucidum platform helps you assess risk and mitigate vulnerabilities by finding and correlating data from your security tech stack.

Ministry of Electronics & Information Technology (MeitY)

Ministry of Electronics & Information Technology (MeitY)

The Ministry of Electronics & Information Technology is an executive agency responsible for IT policy, strategy and development of the electronics industry.

Redington

Redington

Redington offer products and services in solution areas including digital transformation, hybrid infrastructure and cybersecurity.

Surf Security

Surf Security

SURF Security has transformed the browser into your strongest security asset while providing complete end-user privacy – all with full compliance.