Summary: The British government has announced the forthcoming Cyber Security and Resilience Bill aimed at enhancing cybersecurity regulations in response to the increasing threats from cybercriminals and hostile states. This legislation seeks to expand the criteria for reportable incidents, include more entities under regulation, and strengthen the governmentโs ability to mandate actions for national security. The bill will be introduced to Parliament later this year for debate and amendment.
Affected: British cybersecurity regulations and organizations in critical sectors
Keypoints :
- The new bill will expand the definition of reportable cyber incidents to include those significantly affecting system confidentiality, availability, and integrity.
- Regulated entities will be required to report incidents to their sector regulator and the National Cyber Security Centre within 24 hours.
- The legislation will also introduce enhanced powers for regulators and allow the Secretary of State to direct actions for national security without requiring an Act of Parliament.
- The bill aims to make data centres critical national infrastructure and expand regulations to include managed service providers and other essential services.
- Stronger supply chain duties are planned, requiring essential service operators to ensure the cybersecurity of their suppliers.
Source: https://therecord.media/uk-sets-out-cyber-reporting-requirements-critical-infrastructure
Views: 7