Hospitals, energy and water supplies and transport networks would be better protected from the threat of cyber-attacks under new laws that were introduced in Parliament on 12th November. The law, put forward by Science Secretary, Liz Kendall, comes after independent research revealed that shows the average cost of a significant cyber-attack in the UK is now over £190,000. This amounts to around £14.7 billion a year across the economy – equivalent to 0.5% of the UK’s GDP.
Additionally, The Office for Budget Responsibility has warned that a cyber attack on critical national infrastructure could temporarily increase borrowing by over £30bn – the equivalent of 1.1 per cent of the UK’s GDP. Therefore, it’s a no brainer that the security problem needs solving.
The proposed bill, named “The Cyber Security and Resilience Bill” would extend cyber security regulation to key digital and essential services such as healthcare, transport, energy, and water, including medium and large IT and cyber security suppliers for the first time. These organisations would be required to meet clear security standards, report serious cyber incidents quickly, and have strong plans in place to manage attacks.
Regulators would gain new powers to designate critical suppliers and enforce minimum security requirements across supply chains, backed by tougher, turnover-based penalties for serious breaches. The Technology Secretary would also be able to direct regulators and essential service providers to take proportionate action to prevent cyber threats that could affect UK national security.
The bill has received backing from many senior officials including National Cyber Security Centre CEO Dr Richard Horne, National Chief Information Security Officer for Health and Care at Department of Health & Social Care, Phil Huggins and Simon Sheeran, Head of Cyber Security Oversight at the UK Civil Aviation Authority, who’ve praised it as “a crucial step in better protecting our most critical services”, “(provide the ability to) help keep services available, protect data, and maintain trust in our systems in the face of an evolving threat landscape” and “This Bill will help improve cyber defences essential for maintaining the already very high safety standards in aviation”.
Sources:
Gov.uk – Tough new laws to strengthen the UK’s defences against cyber attacks on NHS, transport and energy
The Independent – New laws to bolster UK’s defences against cyber attacks on NHS, transport and energy
Data Protection Network – UK Cyber Security Bill introduced to Parliament
