Britain plans tougher laws to protect public services from cyber attacks
Sign up now: Get ST's newsletters delivered to your inbox
Recent cyber attacks in Britain included one that disrupted over 11,000 NHS medical appointments and procedures.
PHOTO: ST FILE
Follow topic:
LONDON - Britain plans to strengthen its public services’ defences against cyber attacks, requiring companies that provide services to private and public sector organisations such as the National Health Service to meet strict security standards.
In 2024, hackers breached the Ministry of Defence’s payroll system
The proposals also follow a series of cyberattacks in recent months that disrupted some of Britain’s biggest brands, including Marks & Spencer, the Co-op, and Jaguar Land Rover.
Under the proposed laws, medium and large companies providing services such as IT management, help desk support, and cyber security to both private and public sector organisations would be regulated, the government said in a statement on Nov 12 .
“Because they hold trusted access across government, critical national infrastructure and business networks, they will need to meet clear security duties,” the Department for Science, Innovation and Technology (DSIT) said.
If approved, the proposals would require companies to promptly report significant or potentially significant cyber incidents to both the government and their customers, and to have robust plans in place to manage the consequences.
Regulators would gain new powers to designate critical suppliers to essential services, and there would be tougher penalties for serious breaches, the DSIT said.
The government has also set out plans to ban public sector bodies and operators of critical national infrastructure, including the NHS, local councils and schools, from paying ransom demands to cyber criminals. REUTERS
