The UK government recently announced that they are consulting on new measures for greater resilience among British businesses’ cyber security, according to media reports. This comes as a part of a £2.6 billion National Cyber Strategy and comes after high profile cyber-attacks were noticed in the UK.
As reported by the UK government, new laws are needed in order to increase the security standards of the industry, outsourced by the IT services and they are used by almost all UK businesses. Apart from that, the published proposals also seek to make improvements regarding how to organise and report cyber security incidents.
The UK government has also proposed reorganising the legislation to increase its flexibility and react at the same time and pace, keeping up with the technological change. The UK Cyber security Council has also received suggestions to create a set of qualifications and certifications so those working in cyber security can prove they are properly equipped to protect businesses online.
Julia Lopez, Minister of State for media, data and digital infrastructure, told the media, “The plans we are announcing today will help protect essential services and our wider economy from cyber threats. Every UK organisation must take their cyber resilience seriously as we strive to grow, innovate and protect people online. It is not an optional extra.”
These plans come after the attack on SolarWinds and Microsoft Exchange Servers, which were rendered vulnerable after using third-party products and services. Additionally, research by the Department for Digital, Culture, Media and Sport shows only 12 percent of organisations review the cyber security risks coming from their immediate suppliers and 5 percent of the firms address the vulnerabilities in their wider supply chain.