A new Cyber Security and Resilience Bill was announced in the background note accompanying the King’s speech in July.
This new legislation is intended to strengthen the nation’s defences against cyberattacks, a month after a ransomware cyberattack on Synnovis crippled London’s NHS hospitals and healthcare providers.
Synnovis is a company that supplies lab services such as blood tests, swabs, and bowel tests to major London hospitals.
Cyber Security and Resilience Bill
According to the background note accompanying the King’s speech, the new Bill will make crucial updates to the legacy regulatory framework by:
- Expanding the remit of the regulation to protect more digital services and supply chains: These are an increasingly attractive threat vector for attackers. This Bill will fill an immediate gap in the UK's defences and prevent similar attacks experienced by critical public services in the UK, such as the recent ransomware attack impacting London hospitals.
- Putting regulators on a strong footing to ensure essential cyber safety measures are being implemented: This would include potential cost recovery mechanisms to provide resources to regulators and provide powers to proactively investigate potential vulnerabilities.
- Mandating increased incident reporting to give the government better data on cyberattacks: Increased incident reporting should include where a company has been held to ransom – this will improve the government's understanding of the threats and alert them to 94 potential attacks by expanding the type and nature of incidents that regulated entities must report.
The Cyber Security and Resilience Bill is going to be introduced into parliament in the coming months.