Companies could be fined £17 million for neglecting cyber security

Published on: 9 Aug 2017

Organisations that fall short on their cyber security obligations could be fined up to £17 million or four per cent of their global turnover as the government seeks to make Britain’s networks safe from future cyber attacks.

It’s all part of the government’s Network and Information Systems (NIS) Directive, which will be implemented from May 2018.

Fines would be a last resort and wouldn’t apply to any operator that has assessed the risks adequately and taken appropriate security measures, but still suffered an attack.

The directive aims to help make sure UK operators in electricity, transport, water, energy, health and digital infrastructure are prepared to deal with the rising volume of cyber threats. It will also cover other threats affecting IT, such as power failures, hardware failures and environmental hazards.

Minister for Digital Matt Hancock said he wants the UK to be the safest place in the world to be online.

“The NIS Directive is an important part of this work and I encourage all public and private organisations in those sectors to take part in this consultation so together we can achieve this aim,” he commented.