Businesses Face Fines If Cyberattack Causes ‘Essential’ Service Outage

‘Essential’ infrastructure providers, such as those in utilities, health, transport and communications, could be fined as much as £17 million or four percent of their global turnover, if inadequate security policies lead to an interruption in service.

The measures are part of a Department for Digital, Culture, Media and Sport (DCMS) consultation on how to implement the Network and Information Systems (NIS) directive from next year and are separate to the proposed Digital Protection Bill, which covers data loss, announced yesterday.

The Department for Digital, Culture, Media and Sport (DCMS) said the fines would be a last resort and would not apply to those who had taken every conceivable measure yet still suffered a cyberattack.

Cybersecurity fines

It said businesses should have policies and technologies in place to minimise risk, prevent attacks and failures, detect and monitor threats, and to educate staff. It also said organisations should report incidents as soon as possible and have appropriate recovery systems in place.

The same prinicples must be applied to other threats to IT systems such as power outages, hardware failures and environmental hazards.

“We want the UK to be the safest place in the world to live and be online, with our essential services and infrastructure prepared for the increasing risk of cyber attack and more resilient against other threats such as power failures and environmental hazards,” said Minister for Digital Matt Hancock.

Loading ...

“The NIS Directive is an important part of this work and I encourage all public and private organisations in those sectors to take part in this consultation so together we can achieve this aim.”

The National Cybersecurty Centre (NCSC) has welcomed the development, which is part of the government’s £1.9 billion National Cybersecurity Strategy.

“We welcome this consultation and agree that many organisations need to do more to increase their cyber security,” said NCSC CEO Ciaran Martin.

“The NCSC is committed to making the UK the safest place in the world to live and do business online, but we can’t do this alone. Everyone has a part to play and that’s why we since our launch we have been offering organisations expert advice on our website and the Government’s Cyber Essentials Scheme.”

Quiz: What do you know about cyber security in 2017?

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

1 day ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

1 day ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

2 days ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

2 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

2 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

2 days ago