top of page

New plans to boost cyber security of UK's digital supply chains

IT service providers could be required to follow new cyber security rules such as the National Cyber Security Centre’s Cyber Assessment Framework as part of new proposals to help British businesses manage the growing cyber threat.




Other plans to protect the country’s digital supply chains include new procurement rules to ensure the public sector buys services from firms with good cyber security and plans for improved advice and guidance campaigns to help businesses manage security risks.


The move follows a consultation by the Department for Digital, Culture, Media and Sport (DCMS) to enhance the security of digital supply chains and third party IT services, which are used by firms for things such as data processing and running software.


It comes as new research of chairs, CEOs and directors of Britain’s top companies shows the majority (91 per cent up from 84 per cent in 2020) see cyber threats as a high or very high risk to their business, but nearly a third of leading firms are not taking action on supply chain cyber security, with only 69 per cent saying their organisation actively manages supply chain cyber risks.


The government’s National Cyber Security Centre (NCSC) already offers a raft of cyber security support and advice on identifying business-wide risks and vulnerabilities - including the Cyber Assessment Framework - as well as specific Supply Chain Security and Supplier Assurance guidance


There is also advice on defending against ransomware attacks and the Cyber Essentials scheme offers small and medium-sized firms a cost-effective way of getting basic measures in place to prevent the vast majority of cyber attacks.


Minister for Media, Data and Digital Infrastructure, Julia Lopez, said:

As more and more organisations do business online and use a range of IT services to power their services, we must make sure their networks and technology are secure
Today we are taking the next steps in our mission to help firms strengthen their cyber security and encouraging firms across the UK to follow the advice and guidance from the National Cyber Security Centre to secure their businesses’ digital footprint and protect their sensitive data.

Today’s government’s response to the call for views shows there is industry support for developing new or updated legislation, with 82 per cent of respondents agreeing legislation could be an effective or a somewhat effective solution.


The government will now develop more detailed policy proposals and it is currently carrying out a review of the laws and measures which encourage firms to improve their cyber security and will launch a new national cyber strategy later this year.

Comments


The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.

bottom of page