Utility, digital companies in Britain face $23m fines for cyber breaches
LONDON - New measures to protect Britain's critical infrastructure and digital services from cyber attacks and computer network failure came into force Thursday.
Firms in health, water, energy, transport and digital infrastructure are now expected to have robust safeguards in place against cyber threats and report breaches and network outages to regulators within 72 hours or face fines of up to $23 million.
The new law announced by Digital Minister Margot James will help reduce the number of damaging cyber attacks affecting Britain, the Department for Digital, Culture, Media and Sport (DCMS) said in a joint statement with the National Cyber Security Center (NCSC).
The center was set up by the government in October 2016 as part of Britain's official intelligence and security organisation, GCHQ.
Since then the center has already responded to more than 950 significant incidents, including WannaCry.
The statement said the new tough regulations will also give new regulators powers to assess critical industries and make sure plans are in place to prevent attacks.
The regulator will have the power to issue legally-binding instructions to improve security, and if necessary impose significant fines.
The legislation will also cover other threats affecting IT such as hardware failures and environmental hazards.
Margot James, Minister for Digital and the Creative Industries, said: ""Organisations must act now to make sure that they are primed and ready to stop potential cyber attacks and be resilient against major disruption to the services we all rely on."
NCSC will also act as the single point of contact between Britain and EU member states.
Ciaran Martin, chief executive of the NCSC, said: "The UK government is committed to making the UK the safest place to live and do business online, but we can't do this alone. Every citizen, business and organisation must play their part."
The new directive is an important part of the British government's five-year $2.6 billion National Cyber Security Strategy.
