Home > Reading Room > Cyber security laws are being refreshed

Cyber security laws are being refreshed

Written by Jessie Hamill-Stewart on 15 August 2017

« Return to Reading Room

It has been announced that the government will be incorporating an EU law of larger punishments for ‘essential services’ which are not prepared for cyber-attacks. These essential services include energy, health, transport and water, and indicate a new direction for cyber security laws.

Although the UK voted to leave the EU earlier this year, the government has decided to incorporate the National Cyber Security Strategy from EU’s Network and Information Systems (NIS) Directive, which they hope will be in effect by May 2018. The countries in the EU must incorporate this law into their national laws by May 2018. The UK government’s enthusiasm for an EU law illustrates the prominence of cyber security in today’s government.

The larger punishments largely refer to higher fines of up to £17 million or 4% of the organisation’s turnover – whichever is higher. The fines come in two bands, in order for them to be fair and proportionate. Digital Minister Matt Hancock describes the need for ‘our essential services and infrastructure’ to be ‘more resilient’. It is part of the government’s five-year £1.9 billion National Cyber Security Strategy. It ensures organisations incorporate staff training amongst other adaptations into their policies.

This new direction for the legal management of cyber security indicates how the law adapts and changes to different challenges to our cyber system. 

If you'd like to know more about this article please send an email to Michael Coyle quoting the article title and any questions you might have, alternatively call the office number on 02380 235 979 or send an enquiry through our contact form.

Want to speak
to someone?

Complete the form below and we’ll call you back free of charge.

Visual Captcha