UK Government implements new rules to protect critical infrastructure

The UK government has implemented new rules to protect the nation’s critical infrastructure and digital services from cyber attacks and computer network failure, among other threats. Companies working in fields of health, water, energy, transport and digital infrastructure will be expected to have robust safeguards in place against cyber threats. They will also have to report breaches and network outages to appropriate regulators directly within 72 hours. The regulators will have the powers to assess critical industries and ensure plans to prevent attacks are in place, issue legally-binding instructions to improve security, and impose fines up to £17 million if necessary. These fnes will not apply to operators that suffered an attack if they have previously assessed the risks adequately, taken appropriate security measures and engaged with regulators. If the incident has a cybersecurity aspect, organisations should contact the National Cyber Security Centre for support and advice.