What Are The Laws And Regulations For Cybersecurity Impacting UK Businesses

Laws And Regulations For Cybersecurity

New laws surrounding cybersecurity in the UK came into effect earlier this year – and businesses that fail to comply with the regulations could be fined up to £17m.

In May 2018, the UK government rolled out the EU’s latest Network and Information Security (NIS) Directives in an attempt to protect the nation’s economy and public safety, and to limit the adverse social impacts that the risk of cyber attacks can bring.

It was determined that 39% of organisations directly connected to the country’s critical infrastructure were failing basic cyber security compliance.

The revised directives are aimed at improving resilience across five critical sectors that provide services to Britain’s infrastructure: water, energy, health, transport and digital service providers.

It’s crucial that UK firms understand their obligation in relation to NIS Directives and take the appropriate measures to mitigate the growing threat of cyber attacks.

What does the NIS mean for UK businesses?

To remain compliant with the new cyber security regulations, UK businesses are obliged to conduct thorough risk assessment tests, install advanced threat detection systems, prioritise security analysis, and understand the dependencies between systems.

The government has said that UK companies should examine their services immediately and register with the competent authority’s Information Commissioner’s Office (ICO) to identify themselves by 1 November 2018.

The companies that are obligated to register are those considered to provide ‘essential services’ under the new regulations. It should also be noted that the NIS Directives may not apply to all operations within an organisation.

It is important for companies to understand which critical services could have a widespread impact, either internally or externally. However, it is not clear how many businesses will actually be responsible for implementing regulations in accordance with NIS.

Firms that fail to comply with the terms of the NIS Directives will be liable to pay fines of up to £17 million. Penalties are calculated at 4% of the company’s annual turnover.

Cybercrime threats

Mike Hulett, Head of Operations at Britain’s National Cybercrime Unit, reports that around half of all recorded crime in the UK involves some form of cyber activity.

There have been numerous examples of cyber attacks against firms that are responsible for national infrastructure in mainland Europe, and 68% of critical UK businesses have been the subject of cyber security attacks or breaches in the last 18 months.

Experts predict that attacks on critical infrastructure are set to increase – by as much as 100% in the next two years. An increase in connected devices and a shortage of digital skills in critical sectors have raised growing concerns among policy makers.

The NIS Directives came into effect on 10 May 2018, but UK firms have been given a 12-month bedding-in period to implement appropriate systems – estimated to cost a total of £4.1m.

Early estimates say at least 432 UK businesses will be affected by the NIS Directive. However, other companies may be affected. If your organisation has a contract with a public authority or is directly covered by NIS Regulations, you should seek legal, commercial and operational advice immediately.

ICLG is committed to providing legal advice and assistance to UK businesses. Our experienced partners can help ensure you meet compliance with NIS Directives. For expert advice, call us now on 207 367 0720.
