The UK government is planning to present a new bill on resilience and cyber security.
A new measure included in the King's Speech on July 17 marks the beginning of the British government's efforts to strengthen the country's cyber-resilience.
According to background notes released by the government yesterday, the goal of the Cyber Security and Resilience Bill is to "strengthen our defences and ensure that more essential digital services than ever before are protected."
It will accomplish this by expanding upon the 2018 NIS Regulations, which were created in response to an EU mandate. The UK paused its efforts to amend the regulations while the EU was introducing NIS 2.
According to Pinsent Masons partner Stuart Davey, "the previous UK government carried out its own review of the NIS Regulations 2018 and then consulted on potential reforms," as part of the effort towards amending the UK NIS framework.
"The government published its response paper in November 2022, and since then, there has been no word on the proposed reforms, which were aimed at stressing the significance of supply chain cyber management and broadening the reach of NIS to other categories of digital service providers."
Pay Attention to Critical Infrastructure
In order to "protect more digital services and supply chains," the proposed measure will expand the current NIS regime's purview to include vital infrastructure providers.
In order to enable the authorities to better grasp the scope of the danger and "alert us to potential attacks by expanding the type and nature of incidents that regulated entities must report," it would mandate the reporting of ransomware.
Additionally, the proposed legislation will broaden the purview of current regulations and grant regulators greater authority.
"The government's plans to introduce this new bill also follow public warnings from the UK National Cyber Security Centre about the cyber capabilities of China and Russia in particular," said Davey. "The government has identified the heightened and evolving cyber threat facing organizations, citing recent high-profile cyber-attacks affecting the NHS and the Ministry of Defence."
It also comes some weeks after a significant ransomware attack on an NHS supplier that resulted in the cancellation of thousands of surgeries and appointments.
Our own research indicates that in Q1 of this year, there were 69 cyber-extortion attempts against healthcare firms, which is a more than 100% increase from Q1 of 2023. According to Dominic Trott, director of strategy and alliances at Orange Cyberdefense, "organizations must optimize access to skills, adoption of appropriate processes, and the right use of technology to achieve cyber-resilience to combat this."
"It is encouraging to see that the bill will modernize the outdated regulatory framework by extending the regulation's scope to safeguard supply chains, which pose a growing threat to adversaries."
Increasing Development with Cyber-Resilience
Martin Greenfield, CEO of Quod Orbis, added, "This bill will assist the Labour government in fulfilling its commitment to accelerate economic growth."
The truth is that a firm might be impacted by several disruptions at any given time. Businesses will find it difficult to achieve consistent economic growth in the absence of aggressive and well-coordinated cybersecurity plans, he warned.
"The King's Speech initiatives are an essential and appropriate step towards a more secure and prosperous digital economy."
Many of the legislative features included in the Data Protection and Digital Information Bill, a proposed update to the UK GDPR that was not passed in time during the previous parliament, will be included in a new Digital Information and Smart Data Bill.