A variety of industries including digital and infrastructure are now subject to tougher measures to protect services from cyber attacks.
Launched by the Digital Minister, Margot James, the new law means that firms in the health, water, energy, transport, and digital infrastructure sectors must implement “robust safeguards” to protect against cyber threats and other computer network failures.
Organisations in these sectors will also be required report any breaches or network outages within 72 hours.
Fines up to £17 million could be issued to these firms if there is failure to comply with these measures that are in place to bring down the number of incidents of cyber crime.
The problem has been laid bare by the National Cyber Security Centre which was set up by the government in October 2016; since then, the centre has responded to in excess of 950 significant incidents.
Under the government’s measures, regulators will be given powers to assess industries to ensure plans are in place to prevent attacks, as well as issuing legally-binding instructions to improve security, imposing fines if need be.
The government has stressed that fines are seen as a last resort, and that those companies who take appropriate security measures and suffer from attacks will not be sanctioned financially.
Ciaran Martin, Chief Executive of the National Cyber Security Centre, believes these changes “will help strengthen the UK’s infrastructure.
“By acting on the National Cyber Security Centre’s expert technical advice and reporting incidents, organisations can protect themselves against those who would do us harm.
“The UK government is committed to making the UK the safest place to live and do business online, but we can’t do this alone. Every citizen, business and organisation must play their part.”
Minister for Digital and the Creative Industries, Margot James, added: “It’s vital that we put in place tough new measures to strengthen the UK’s cyber security and make sure we are the safest place in the world to live and be online.
“Organisations must act now to make sure that they are primed and ready to stop potential cyber attacks.”