Navigation
Seiteninhalt
Cybersecurity - Reform in Großbritannien geplant, © stock.adobe.com - Ali

UK cybersecurity reform planned for 2025: government confirms

UK companies are set to get the first sight of an updated cybersecurity regime, with the introduction to Parliament in 2025 of the Cyber Security and Resilience bill now confirmed. Technology minister Peter Kyle said this month that the bill would shore up Britain’s cyber defenses, pointing to a number of high-profile cybersecurity issues in recent years.
Von Redaktion
24. Oktober 2024

Dieser Artikel wurde am 30.9.2024 bei MLex veröffentlicht. MLex ist ein Nachrichtendienst von LexisNexis mit globalen News & Analysen zu regulatorischen Pflichten. Der Artikel wird derzeit allen Leser:innen kostenfrei zur Verfügung gestellt.

UK companies are set to get the first sight of an updated cybersecurity regime, with the introduction to Parliament in 2025 of the Cyber Security and Resilience bill now confirmed.

An updated briefing note, published today and largely containing the same details as when the bill was first announced in July, confirmed the planned introduction to Parliament.

The document also indicated that further consultations will be held before the first draft is presented in Parliament.

“The government is working with key stakeholders to gather input and will issue further communications on this in due course,” it said.

Technology minister Peter Kyle said this month that the bill would “shore up” Britain’s cyber-defenses, pointing to a number of high-profile cybersecurity issues in recent years.

Some of the most high-profile incidents included a ransomware attack on systems provided by private contractor Synnovis, which affected public hospitals in London and saw appointments and procedures delayed or cancelled, as well as a breach of the Ministry of Defence's payroll data run by contractor SSCL (see here).

The original note, published in July, said that the bill would seek to address a concern that the UK is being left behind on protecting critical digital infrastructure while the EU progresses with updates, making the UK "comparatively more vulnerable."

The UK’s Networks and Information Systems Regulation 2018, or NIS, is inherited EU law covering critical infrastructure that requires the processing of digital data for its operation or protection, such as energy, water, transport, health services and digital infrastructure.

The UK did not follow the EU’s lead with an updated NIS2 passed in early 2023, only saying it would monitor closely the EU's reforms to "assess the impact on companies operating in both the UK and the EU.” Two post-implementation reviews found numerous problems with the way the regime operates, prompting calls for urgent reform (see here).

 Dieser Artikel wurde am 30.9.2024 bei MLex veröffentlicht. MLex ist ein Nachrichtendienst von LexisNexis mit globalen News & Analysen zu regulatorischen Pflichten – jetzt kostenfrei testen.

Autoren

782_632_LN_Logo_RGB_Primary_Full-Color_Positive.jpg

Redaktion

Die LexisNexis Österreich & Compliance Praxis-Redaktion versorgt Sie regelmäßig mit aktuellen News und Informationen aus der Compliance-Welt. Unser Ziel ist es, Ihre tägliche Arbeit bestmöglich zu ...