About the session
Operators of the UK’s essential services face fines of up to £17 million if they fail to comply with strict, new cyber security laws. From 10 May 2018 organisations must be able to demonstrate that they understand the threat to their network and systems and have wide-reaching measures in place to detect and manage a security breach. The Network and Information Systems Directive (NIS Directive), proposed by the European Union, seeks to protect our vital infrastructure from increasingly sophisticated attacks. This paper offers an insight into the regulations and asks what they mean for the UK. The paper considers how the structure, processes, policies and systems within companies may change to meet the requirements, and we highlight the resources and expertise needed to comply. Finally, it discusses the impact of the new rules on the supply chain, and considers the action operators should take to avoid a significant penalty.
