The UK Government has revealed measures to protect public services from cyberattacks.
The new Cyber Security Bill aims to ensure firms providing essential IT services to public services are “no longer an easy target” for cyber criminals.
If the proposals are adopted, more organisations and suppliers will need to meet robust cybersecurity requirements, including datacentres, Managed Service Providers (MSPs) and critical suppliers. This means third-party suppliers will need to boost their cybersecurity in areas such as risk assessment to minimise the possible impact of cyberattacks, while also beefing up their data protection and network security defences.
A thousand service providers will fall into scope of measures expected to be introduced later this year.
Regulators will have more tools to improve cybersecurity and resilience in the areas they regulate, with companies required to report more incidents to help build a stronger picture of cyber threats and weaknesses in the UK’s online defences.
If you liked this content…
Does the new Cyber Security and Resilience Bill go far enough?
Most NHS staff not confident in current cyber defences
Navigating public sector cyber risk amidst new legislation
‘Archaic’ tech sees public sector missing £45 billion productivity savings every year
Critical infrastructure needs guidance, not just regulations, to strengthen cybersecurity
The Government said it would also have greater flexibility to update regulatory frameworks when needed. This could include extending the framework to new sectors or updating security requirements.
Secretary of State for Science, Innovation, and Technology, Peter Kyle, said the Bill will help make the UK’s digital economy one of the most secure in the world.
Health and Social Care Secretary Wes Streeting the Bill “will boost the NHS’s resilience against cyber threats, secure sensitive patient data and make sure life-saving appointments are not missed as we deliver our Plan for Change.”
Regulated organisations and datacentre resilience
Elsewhere, the Government is also giving the Technology Secretary powers to direct regulated organisations to shore up their cyber defences.
Another potential course of action, it said, may include new protections for more than 200 datacentres. Three major tech companies – Vantage Data Centres, Nscale and Kyndryl – are investing £14 billion to build AI infrastructure in the UK, including more datacentres.
