Labour leader Keir Starmer has announced plans for a Cyber Security and Resilience Bill in the upcoming parliamentary term. The goal of this legislation is to enhance the UK’s cyber defenses, ensure the continuity of digital services, and introduce mandatory reporting of ransomware incidents.
The proposed Bill acknowledges the increasing threat posed by cyber criminals and state actors to organizations of all sizes across the UK. It aims to update existing cyber laws, which are currently based on EU regulations that are being replaced.
With a focus on protecting essential services and critical national infrastructure, the Bill has two main objectives: expanding regulatory powers to safeguard digital services and improving reporting requirements to better understand cyber threats.
One of the key features of the Bill is the mandatory reporting of ransomware attacks. This move aligns with upcoming EU directives and demonstrates the UK’s commitment to combating cyber threats. Experts anticipate a surge in reported ransomware incidents once this requirement is implemented.
Ransomware reporting
Legal experts like Matt Worsfold from Ashurst believe that mandatory reporting of ransomware attacks will provide a more accurate picture of the cyber threat landscape. This proactive approach will help organizations better prepare for and respond to such incidents.
Strong commitment
Cyber security expert Louise Marie Hurel commends the government’s dedication to enhancing national cyber resilience. She emphasizes the importance of collaboration with industry stakeholders to ensure effective implementation of reporting requirements and cyber incident responses.
Cyber wishlist
While some industry leaders applaud the government’s efforts, others like Camellia Chan of Flexxon call for more focus on protecting critical sectors like healthcare. Matt Hull from NCC’s CyberUp campaign advocates for updates to the outdated Computer Misuse Act of 1990 to empower cyber professionals in safeguarding the digital economy.
