From the Department for Digital, Culture, Media & Sport and Julia Lopez MP – Published 19 January 2022
New laws are needed to drive up security standards in outsourced IT services used by almost all UK businesses, the government says.
The plans follow recent high-profile cyber incidents such as the cyber attack on SolarWinds and on Microsoft Exchange Servers which showed vulnerabilities in the third-party products and services used by businesses can be exploited by cybercriminals and hostile states, affecting hundreds of thousands of organisations at the same time.
It also follows an increase in ransomware threats to organisations, including some in critical national infrastructure such as the Colonial Pipeline attack in the US.
Minister of State for Media, Data, and Digital Infrastructure, Julia Lopez, said:
“Cyber attacks are often made possible because criminals and hostile states cynically exploit vulnerabilities in businesses’ digital supply chains and outsourced IT services that could be fixed or patched.”
“The plans we are announcing today will help protect essential services and our wider economy from cyber threats.“
“Every UK organisation must take their cyber resilience seriously as we strive to grow, innovate and protect people online. It is not an optional extra.”
To make the UK more secure and help prevent these types of attacks the government is aiming, through new legislation, to take a stronger approach to getting at-risk businesses to improve their cyber resilience as part of its new £2.6 billion National Cyber Strategy.
The full article can be read by clicking here