Britain's Cyber Security Laws Get Updated

Uploaded on 2022-12-16 in GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-Law

Britian's cyber security laws will soon be updated and require outsourced IT providers to meet national security standards to protect supply chains, the Government has said. 

These rules already apply to UK companies providing critical services in a range of sectors including energy, water and transport, but will now bring outsourced firms into scope as well.

“Essential everyday services, such as water, energy and transport, will be better protected from online attacks following changes to laws which set the UK’s cyber security standards,” says the UK Government Dept. for Digital, Culture, Media & Sport (DCMS).

The Network and Information Systems (NIS) Regulations will be updated so third-party firms providing IT services to businesses will be compelled to have effective cyber security measures in place to protect them and their client’s data, with fines for non-compliance. 

The decision comes after a consultation and in the wake of increasing levels of cyber attacks targeting critical infrastructure in countries around the world as a way of inflicting substantial damage on entire nations. The Government said it has noted the increase in attacks, which also target supply chains as a way of compromising potentially thousands of organisations at the same time.

“The services we rely on for healthcare, water, energy and computing must not be brought to a standstill by criminals and hostile states,” says Julia Lopez the UKs Cyber Minister.

In November, the National Cyber Security Centre (NCSC), part of GCHQ, published its annual review, which said the cyber security threat to the UK has “evolved significantly” over the past year – with 18 cybersecurity incidents requiring a nationally co-ordinated response. These include attacks on an NHS supplier and a water utility company.

The Government said the updates to the regulations will be made as soon as parliamentary time allows, and will also include measures that require firms to improve cyber incident reporting to regulators.

Gov.UK:    Thomson Reuters:     Standard:    Indpendent:    Chard & Ilmister News:     

You Might Also Read:

Preventing Exploitation Of Digital Images Of Children:
 

« The Great Resignation
Ways Governments Can Better Protect Public Data »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

SmartSearch

SmartSearch

SmartSearch is a leading online provider of Anti-Money Laundering and Fraud Prevention Services.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

MobileIron

MobileIron

MobileIron provides EMM capabilities to IT organizations that need to secure mobile devices, applications and content.

Trend Micro

Trend Micro

Trend Micro is a leader in hybrid cloud, endpoint, and network security solutions.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

PeCERT

PeCERT

PeCERT is the national Computer Emergency Response Team for Peru.

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (ManuSec)

Cyber Security For Critical Manufacturing (Manusec) is a global series of summits focusing on Cyber Security for Critical Manufacturing Sectors.

Cyberkov

Cyberkov

Cyberkov services include Pentesting, Vulnerability Assessments, Digital Forensics, Incident Response, Source Code Analysis and Security Training.

Blue Lights Digital

Blue Lights Digital

Blue Lights Digital have developed a range of platforms to support digital investigations, as well as providing continued support and education for investigations professionals.

Silverfort

Silverfort

Silverfort introduces the first security platform enabling adaptive authentication and identity theft prevention for sensitive user, device and resource throughout the entire organization.

Bunifu Technologies

Bunifu Technologies

Bunifu Technologies is an Information Security and Custom Software Development Company.

Crypto Valley Association

Crypto Valley Association

Crypto Valley Association is an independent, government-supported association established to build the world’s leading blockchain and cryptographic technologies ecosystem.

Bleckwen

Bleckwen

Bleckwen is a proven fraud detection system that helps financial institutions build trust with customers.

Intrepid Solutions and Services

Intrepid Solutions and Services

Intrepid Solutions and Services provides technology solutions and professional services to key components of the intelligence and national security communities.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Cyber Security Works (CSW)

Cyber Security Works (CSW)

Cyber Security Works is your organization’s early cybersecurity warning system to help prevent attacks before they happen.