New laws proposed to strengthen
the UK’s resilience from cyber attack

From the Department for Digital, Culture, Media & Sport and Julia Lopez MP – Published 19 January 2022 

The Government is consulting on new measures to boost British businesses’ cyber security after recent high profile attacks. Highlights from the report include:

  • More firms providing essential digital services should follow strict cyber security duties with large fines for non-compliance.

  • Other legislative proposals include improved incident reporting and driving up standards in the cyber security profession.

New laws are needed to drive up security standards in outsourced IT services used by almost all UK businesses, the government says.

The plans follow recent high-profile cyber incidents such as the cyber attack on SolarWinds and on Microsoft Exchange Servers which showed vulnerabilities in the third-party products and services used by businesses can be exploited by cybercriminals and hostile states, affecting hundreds of thousands of organisations at the same time.

It also follows an increase in ransomware threats to organisations, including some in critical national infrastructure such as the Colonial Pipeline attack in the US.

Minister of State for Media, Data, and Digital Infrastructure, Julia Lopez, said:

“Cyber attacks are often made possible because criminals and hostile states cynically exploit vulnerabilities in businesses’ digital supply chains and outsourced IT services that could be fixed or patched.”

“The plans we are announcing today will help protect essential services and our wider economy from cyber threats.

“Every UK organisation must take their cyber resilience seriously as we strive to grow, innovate and protect people online. It is not an optional extra.”

To make the UK more secure and help prevent these types of attacks the government is aiming, through new legislation, to take a stronger approach to getting at-risk businesses to improve their cyber resilience as part of its new £2.6 billion National Cyber Strategy.

Research by the Department for Digital, Culture, Media and Sport shows only 12 per cent of organisations review the cyber security risks coming from their immediate suppliers and only one in twenty firms (5 per cent) address the vulnerabilities in their wider supply chain.
For all these reasons, small and growing businesses need to be aware of the threats and how to stop them. Are you future-ready? Are you taking the right precautionary measures to you protect your business, data, finances and overall reputation?

The full article can be read by clicking here


If you like to know more about our services then please get in touch.