Fines up to £17m launched for firms with poor cyber-security

Companies that fail to protect themselves effectively from cyber-attacks will face fines of up to £17m, the government has announced.

Energy, transport, water and health companies are expected to have “the most robust safeguards”.

Regulators will be able to inspect cyber-security at such companies, under a new government directive.

In August last year, former Digital Minister Matt Hancock said imposing the fines would be a “last resort”.

At the time, the penalties were part of plans subject to a consultation that has now been completed.

“We want our essential services and infrastructure to be primed and ready to tackle cyber-attacks and be resilient against major disruption to services,” said the current Minister for Digital, Margot James.

The government has said companies that don’t protect themselves effectively from hackers could face fines.

The government said the new rules would be effective from 10 May and cover breaches including disruptive ransomware outbreaks, such as the WannaCry attack that hit many NHS facilities in May 2017.

“With so many nations, including the UK, now relying on digitalisation, hackers may look to cause mass disruption by targeting critical national infrastructure,” said Jens Monrad, at cyber-security company FireEye.

“This could be systems, which the UK government and citizens rely on, like healthcare systems, water supply and electricity.”

Mr Monrad added FireEye had recently detected new strains of malicious software designed to manipulate industrial safety systems.

Post origins: https://www-bbc-com.cdn.ampproject.org/c/s/www.bbc.com/news/amp/technology-42861676
