The threat of a fine. Will this incentivise companies to improve cyber security?
The UK government will fine companies up to £17 million if they do not adequately set up cyber security defences, Engadget reports.
This follows the EU directive – named ‘NIS directive’ – to ensure ‘its member states are prepared for modern cyber attacks’. This law will be integrated into health, energy, transport and digital infrastructures.
In March of last year, 26 million NHS patient records were exposed in a major security breach, as reported by the Telegraph. The new regulation aims to stop this from happening again and to protect personal data.
According to the ‘IT Governance’ website, the NIS Directive was enforced in August 2016. EU members have until 9th May 2018 to ‘transpose it into national laws, and a further six months to identify the OES [Operators of Essential Services]’s to which it applies.’
Identity Force compiled a list of 2017’s worst breaches.