Businesses face £17m cyber fines - Industry Comment
Following the opening of the government consultation for implementing the EU’s Network and Information Systems (NIS)
"This is a clear sign from the government that it is unacceptable for organisations to ignore potential cyber threats targeting their technology, data and networks, and the impact these have on their ability to operate. These fines will motivate organisations to adequately prepare for a cyber-attack, and to develop the ability to contain breaches when they inevitably occur. A possible £17m fine means businesses cannot afford to be complacent about their cyber security strategy.
"Businesses need to develop a formal strategy against cyber-attacks that includes a robust incident response plan - and these should be adaptable should new threats emerge. Organisations should instrument their internal networks so that they have broad and deep visibility of network traffic, threats and user behaviour. Most importantly, companies need to respect that their employees can be their biggest weakness or their biggest asset - and the key to the latter is ensuring a culture of security where staff offer an extra defence against cyber threats. Employees should keep an eye out for malicious activity and must understand best practice in minimising damage.
"This consultation offers a real opportunity for active collaboration between government, cyber professionals and organisations. Hopefully this will translate into legislation that offers protection for all."