The UK government has proposed wide-ranging new laws aimed at strengthening the country’s cyber resilience. The move comes after a rise in incidents targeting national infrastructure around the world.
Among the measures outlined are improvements in the way organisations report cyber security incidents, and new laws to drive up security standards in outsourced IT services used by almost all UK businesses.
The government says that the UK Cyber Security Council also needs powers to raise the bar and create a set of agreed qualifications and certifications so those working in cyber security can prove they are properly equipped to protect businesses online.
The plans follow recent high-profile cyber incidents such as the cyber attack on SolarWinds and on Microsoft Exchange Servers which showed vulnerabilities in the third-party products and services used by businesses can be exploited by cybercriminals and hostile states, simultaneously affecting hundreds of thousands of organisations. They also follow an increase in ransomware threats to organisations, including some in critical national infrastructure such as the Colonial Pipeline attack in the US.
Media, data, and digital infrastructure minster, Julia Lopez, said: “Cyber attacks are often made possible because criminals and hostile states cynically exploit vulnerabilities in businesses’ digital supply chains and outsourced IT services that could be fixed or patched.
“The plans we are announcing will help protect essential services and our wider economy from cyber threats. Every UK organisation must take their cyber resilience seriously as we strive to grow, innovate and protect people online. It is not an optional extra.”
Research by the Department for Digital, Culture, Media and Sport shows only 12% of organisations review the cyber security risks coming from their immediate suppliers and only one in twenty firms (5%) address the vulnerabilities in their wider supply chain.
The consultation period is open until 10 April 2022 with stakeholders invited to submit their responses to the proposals.
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.
YOU MIGHT ALSO LIKE