
Last week, Julia Lopez, Minister of State at the Department for Digital, Culture, Media & Sport, announced that the government is proposing to strengthen the UK’s cyber resilience following a consultation period. This is part of its £2.6bn National Cyber Strategy in 2022. The commercial impact is the possibility that it could carry hefty fines for those that don’t implement effective cybersecurity measures. In response to these updates, our Head of Technical Cyber Security, Richard Hughes, shares his thoughts:

“The DCMS has provided proposals intended to strengthen cyber resilience in the UK. These include bringing additional services within the scope of NIS regulations, thus enforcing certain policies; permitting ministers to make more efficient changes to NIS regulations, allowing for more responsive adaptation to changes to the threat landscape; and creating standards within the cyber security profession to demonstrate competency and help ensure consistency.

Whilst, as always, the devil is in the detail, the very fact that cyber resilience has some attention is positive and, in principle, we welcome any steps that will bolster the security posture of the UK, its businesses and its citizens. In many cases, sufficient improvements will not be made without legislation.”

The supply chain is one of the areas of least concern to industry, and organisations need to suitably challenge their suppliers as to their cyber security position. The DCMS consultation is aimed at outsourcing organisations, but all suppliers should be asked to take responsibility, as we live in a digital age.

In January 2022, the International Committee of the Red Cross admitted that last year it had suffered a supply chain cyberattack that compromised the personal data of more than 515,000 “highly vulnerable people”. It added that the supplier was an organisation the Red Cross used to store its data, but it did not name the company.

Other proposals being published by the DCMS include making improvements in the way organisations report cyber security incidents and reforming legislation so that it is more flexible and can react to the speed of technological change.

At A&O IT Group we work closely with our clients to help them take control of their business before someone else does. This often involves helping them improve security control in their supply chains. Our experts are on hand to offer guidance on cyber security compliance for businesses of all sizes and across all industries.

Is your business secure and compliant?

From ISO 27001 consultancy and implementation to Cyber Essentials accreditations and GDPR guidance, we're ready to help. 


Call us today +44 01344 948 888