Regulators Show Increasingly Focused Approach To UK Cyber Security

By Liz Seyi | in Business | Published 2019-03-28 11:42:20

Summary

It seems that cyber security has been hogging ever-greater headlines in recent times, due to both continued high-profile lapses and regulators paying increasing attention to this arena. As far as the former is concerned, it was only in September that British Airways suffered a cyber attack that led to customer personal data being compromised. A no less significant development, however, occurred on 1st October, when the Financial Conduct Authority (FCA) hit Tesco Personal Finance plc with a monumental £16.4 million fine due to a 2016 cyber incident.

An evolving regulatory picture – but still sluggish attitudes

Furthermore, one would only need to look back to May to see another key step in the rapidly changing story of how cyber security is treated in the United Kingdom – albeit, the news was somewhat overshadowed at the time by all of the fuss about the General Data Protection Regulation (GDPR) coming into force. The news in question was the UK’s first legislation specifically focused on cyber security, the Network and Information Systems Regulations 2018, coming into force.

Despite this major development, it seems that organisations around the UK still aren’t necessarily as well-prepared as they ought to be to respond appropriately in the event of a cyber attack. Over the last few years that cyber security presentations have been made to clients, industry bodies and other businesses, about 80% to 90% of attendees have confirmed that their business has identified cyber security as a significant, top-five risk. Only about 30% to 40% of the same guests, however, have answered an immediate follow-up question to confirm that their firm has a cyber incident plan. This equates to around 60% to 70% of individuals accepting that a cyber attack is a significant threat, but not being prepared to take the most basic steps to prepare for how to respond in the event of an attack happening.

How do the Network and Information Systems Regulations 2018 compare to the GDPR?

Whereas the GDPR concentrates on personal data, the 2018 Regulations are to do with networks and information systems. However, there is clear potential for the GDPR and the 2018 Regulations to overlap, given that a cyber attack breaching a network may result in personal data being lost. This raises the possibility of multiple financial sanctions being imposed in relation to a single incident.

The 2018 Regulations require regulated entities to adopt appropriate and proportionate technical and organisational measures to manage the risks posed to the security of their networks and information systems. In addition, entities are required to adopt appropriate and proportionate measures to prevent and minimise the impact of incidents affecting the security of those networks and information systems. A 72-hour deadline also applies for entities to notify the relevant competent authority of a significant incident.

Contravening the 2018 Regulations can result in competent authorities issuing information notices, carrying out inspections, issuing enforcement notices and/or imposing financial penalties. The maximum penalty under the regulations is £17 million, which only applies for material contraventions that have caused or could cause an incident resulting in an immediate threat to life or having a significant adverse impact on the UK economy.

With such a maximum financial sanction only narrowly below the £16.4 million fine imposed on Tesco Bank for a pre-2018 Regulations incident that seemingly did not have such catastrophic effects, it will be intriguing to see whether and how regulators will operate together to ensure their sanctions are balanced and – if cumulative – proportionate.

If your organisation is on the lookout for the most professional and capable Company Incorporation Agents and Company Secretarial Support, please don’t hesitate to contact the London Registrars team today, by calling +44 (0)20 7608 0011 or emailing info@london-registrars.co.uk.
