The Record reports that in a policy statement published Tuesday, the British government set out what its forthcoming Cyber Security and Resilience Bill will include when it is introduced to parliament later this year:
The belated reworking of the country’s cybersecurity regulations comes three years after the previous government had prematurely described those laws as “updated” while failing to actually introduce the legislation.
“For too long, successive governments have failed to properly address the growing risk posed by cyber criminals and hostile states. Our people have paid the price,” said Peter Kyle, the Secretary of State, in a foreword to the policy document.
… Regulated entities will have to notify their sector-specific regulator and inform the National Cyber Security Centre (NCSC) within the first 24 hours of becoming aware of an incident. This notification will need to be followed by a full incident report within 72 hours.
Read more at The Record.
