The British government has stated that firms could be fined up to £17m if they do not protect themselves from cyber attacks. The Digital Minister, Matt Hancock, is believed to have said that the fine, which could be up to £17m, is likely to be used only as a last resort.
The fine, a part of the Network and Information Systems directive (NIS), could be implemented from May 2018, making health, water, energy, transport, banking, and financial market providers responsible for ensuring that customer data is protected.
RKN Global’s founder, Ronald K. Noble, sees this move as part of a growing awareness of the interconnectedness of the cyber world and the importance of consistent cybersecurity across sectors of society.
If companies implement the measures and still fall foul of an attack, they will not be fined. The British government has a 5-year National Cyber Security Strategy on which it plans to spend £1.9billion, and the NIS directive is believed to be part of this strategy.
The UK intelligence service GCHQ has spent close to £1 billion on a cyber security programme, but there are concerns that this programme has not worked, leaving people and businesses vulnerable to attack.
A survey of 1,500 UK businesses revealed that almost 50% reported that they experienced a cyber attack in 2016. While new security measures do not guarantee that an attack won’t take place, it is still crucial to do as much as possible to prevent it. Proper security may prevent customer data falling into the wrong hands.