UK firms could face £17 million fine for disregarding Cyber Security

203

Businesses operating in the UK could face a fine of £17 million fine or will be charged 4% of their global turnover for disregarding threats related to Cyber Security. A Network and Information Systems (NIS) Directive has been passed on this issue and is said to come into effect from May 2018.

The NIS Directive aims to ensure that the digital infrastructure of public and private utilities like electricity, water, energy, health, and transport remain well protected from cyber threats. The directive will also cover other threats like power failures, hardware disruptions, and environmental hazards.


“We want the UK to be the safest place in the world to live and be online,” said UK’s digital Minister Matt Hancock. Hancock added that UK government will take all steps to make all the infrastructure of essential services resilient by this year end. And NIS Directive is said to play an important role on this note.

For poorly secured firms which do not have strong cyber security measures in place, the European Union’s General Data Protection Regulation (GDPR) plans to impose heavy fines. They can range from 17 million pounds and can go up to 20 million pounds or 4% of the global turnover of the firm.

While GDPR keeps a track of firms which lose sensitive data through cyber attacks, the NIS Directive is said to focus on the loss of infrastructure services.

Ciaran Martin, CEO of The National Cyber Security Centre (NCSC)  anticipates that public and private organizations operating in the United Kingdom will welcome the new initiative and will strive to live up to the expectations on this note.