UK government introduces new Cyber Security Bill to keep critical infrastructure safe

• New Cyber Security Bill looks to offer UK infrastructure extra protection
• New bill will cover over 1,000 service providers
• UK government continues push to encourage digital innovation

The UK Government has set out new plans to reinforce digital critical infrastructure and protect public services.

The Department for Science, Innovation, and Technology has announced its new Cyber Security Bill, which it says will provide “essential IT services” to public infrastructure in order to make them a less attractive target for cyber criminals.

The news comes alongside concerns from top security officials who warn that Britain is “shockingly vulnerable” to cyberattacks, the Telegraph reports. In particular, critical infrastructure like the NHS and national power grid use third-party vendors which aren’t subject to the same security rules as large public institutions.

Monitor your credit score with TransUnion starting at $29.95/month

TransUnion is a credit monitoring service that helps you stay on top of your financial health. With real-time alerts, credit score tracking, and identity theft protection, it ensures you never miss important changes. You'll benefit from a customizable online interface with clear insights into your credit profile. Businesses also benefit from TransUnion’s advanced risk assessment tools.

Preferred partner (What does this mean?)

View Deal

Costly threats

Third-party vendors are the intrusion point for a significant number of attacks, accounting for a conservative estimate of over a third of all breaches in 2024.

Vendors are often smaller companies who don’t have the same cybersecurity budgets, and can be a weak point exploited by attackers.

Cyber threats cost the British economy almost £22 billion per year, research suggests - and cause significant disruptions to public services and businesses.

The NHS has suffered multiple attacks in recent years, and some hospitals have even been forced to declare major incidents thanks to intrusions.

The new bill will cover over 1,000 service providers, and aims to give the British public confidence in digital services and support the “Government’s mission to kickstart economic growth.”

Many digital firms have welcomed the Bill, although some say it does not go far enough. Carla Baker, Senior Director of Government Affairs UK&I at Palo Alto Networks comments that “the government could go further to protect the UK by including the public sector in the scope of the legislation,” pointing to legacy IT systems and outdated tech leaving sectors vulnerable.

“The government can no longer afford to sit on the sidelines and solely focus on pushing security obligations onto industry. Recent high profile public sector cyber attacks have demonstrated exactly why the government must do more to enhance its own resilience and lead by example. The time to act is now.”

You might also like

• Take a look at our picks for the best AI tools around
• Tackling the UK's cybersecurity skills shortage
• Millions of solar power systems could be at risk of cyber attacks after researchers find flurry of vulnerabilities