Britain's Cyber Security Laws Get Updated

Uploaded on 2022-12-16 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

Britian's cyber security laws will soon be updated and require outsourced IT providers to meet national security standards to protect supply chains, the Government has said. 

These rules already apply to UK companies providing critical services in a range of sectors including energy, water and transport, but will now bring outsourced firms into scope as well.

“Essential everyday services, such as water, energy and transport, will be better protected from online attacks following changes to laws which set the UK’s cyber security standards,” says the UK Government Dept. for Digital, Culture, Media & Sport (DCMS).

The Network and Information Systems (NIS) Regulations will be updated so third-party firms providing IT services to businesses will be compelled to have effective cyber security measures in place to protect them and their client’s data, with fines for non-compliance. 

The decision comes after a consultation and in the wake of increasing levels of cyber attacks targeting critical infrastructure in countries around the world as a way of inflicting substantial damage on entire nations. The Government said it has noted the increase in attacks, which also target supply chains as a way of compromising potentially thousands of organisations at the same time.

“The services we rely on for healthcare, water, energy and computing must not be brought to a standstill by criminals and hostile states,” says Julia Lopez the UKs Cyber Minister.

In November, the National Cyber Security Centre (NCSC), part of GCHQ, published its annual review, which said the cyber security threat to the UK has “evolved significantly” over the past year – with 18 cybersecurity incidents requiring a nationally co-ordinated response. These include attacks on an NHS supplier and a water utility company.

The Government said the updates to the regulations will be made as soon as parliamentary time allows, and will also include measures that require firms to improve cyber incident reporting to regulators.

Gov.UK:    Thomson Reuters:     Standard:    Indpendent:    Chard & Ilmister News:     

You Might Also Read:

Preventing Exploitation Of Digital Images Of Children:
 

« The Great Resignation
Ways Governments Can Better Protect Public Data »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Code42

Code42

Code42 CrashPlan, is an enterprise SaaS solution that backs up all distributed end-user data on a single, secure platform.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

Azeti Networks

Azeti Networks

Azeti Networks is a global provider of IoT technology to a variety of verticals including telecomms, oil/gas, manufacturing, finance and healthcare.

NetDiligence

NetDiligence

NetDiligence is a privately-held cyber risk assessment and data breach services company.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

Xilinx

Xilinx

Xilinx is the inventor of the FPGA, programmable SoCs, and now, the ACAP. We are building the Adaptable, Intelligent World.

Pelion IoT

Pelion IoT

Pelion Connected Device Services are the easiest way to securely connect and manage your devices, allowing you to focus on forging your future.

Axis Security

Axis Security

Axis Security technologies transform open networks and vulnerable applications into fully protected resources that the business can trust.

Aligned Technology Solutions (ATS)

Aligned Technology Solutions (ATS)

ATS manage, monitor, and maintain everything from your network and servers to your workstations and mobile devices, and we do it proactively to eliminate downtime and keep hackers at bay.

Cyber Skyline

Cyber Skyline

Cyber Skyline is a revolutionary cloud platform to practice, develop, and measure your team's technical cybersecurity skills.

UnderDefense

UnderDefense

UnderDefense provides cyber resiliency consulting and technology-enabled services to anticipate, manage and defend against cyber threats.

US Coast Guard Cyber Command

US Coast Guard Cyber Command

US Coast Guard Cyber Command’s focus is to ensure the security of our cyberspace, maintain superiority over our adversaries,and safeguard our Nation’s critical maritime infrastructure.

Xmirror Security

Xmirror Security

Xmirror Security focuses on integrated detection and defense of the continuous threat to the DevSecops software supply-chain with artificial intelligence technology as the core.

Theos Cyber Solutions

Theos Cyber Solutions

Theos Cyber provides service-first cybersecurity solutions to digital businesses in Asia.

vpnMentor

vpnMentor

We started vpnMentor to offer users a really honest, committed and helpful tool when navigating VPNs and web privacy.

Maltiverse

Maltiverse

Maltiverse is a threat intelligence platform that provides security teams with high-fidelity threat data and malicious IOCs to enhance detection and response.