The government has warned that critical service companies, such as those that provide water, energy and healthcare, could face fines of up to £17million or 4% of global turnover if they fail to adequately protect themselves from cyber-attacks that then result in a disruption of service.
In a separate legislation from the General Data Protection Legislation (GDPR), which concerns data, the Department for Digital, Culture, Media and Sport announced that the fines will be in place as a ‘last resort’ and won’t be imposed on companies who had put adequate protection in place but still suffered a breach.
“This legislation will have serious effects on service providers and it’s important they understand what protection they need,” said Mark Howarth, director of Morson Cyber Security. “Companies need to have in place secure configuration, monitoring and alerting, and ongoing vulnerability assessment. The latter is particularly important as the ongoing nature of the assessment allows changing threats to be protected against. These are all features of our complete managed service solution.”
The comments from the government come just months after a large-scale and preventable cyberattack hit the NHS and several other organisations across the world, resulted in a disruption of service.
Meanwhile, with less than a year to go until the GDPR comes into force, companies of all sizes are scrambling to make sure they are compliant, with fines for breaches also up to 4% of global turnover. Many companies are still either unaware of or have yet to take action on the GDPR.
To find out more about Morson Cyber Security, click here
Interested in content on cyber, engineering, careers and more? Why not sign up to our Morson blog below: