"First teased during the 2024 King's Speech, the Cyber Security and Resilience (CSR) Bill builds on the NIS 2018 regulations. While largely unchanged from the draft revealed by former tech secretary Peter Kyle in April, it now confirms datacenters will fall under the new regulations - an expected move after they were designated critical national infrastructure in September 2024."
"Datacenters keep the UK running, from patient records and payments to email services and AI development. The bill will bring them into scope of the regulations, ensuring they meet robust cybersecurity standards."
"Managed service providers (MSPs) will also be covered by the laws once passed, a change originally planned for the NIS 2022 update that didn't come into force."
The Cyber Security and Resilience Bill updates the NIS 2018 framework to raise cybersecurity standards across critical sectors. Datacenters have been designated in scope after being named critical national infrastructure, and managed service providers will also fall under the new rules. The bill distinguishes operators of essential services (OES) and relevant digital service providers (RDSPs), covering digital infrastructure, healthcare, energy, transport, water, cloud computing, online marketplaces, and search engines. New rules will apply to organizations overseeing electricity delivery to smart appliances, including electric vehicle chargers and smart heating. The government cites an estimated £14.7 billion annual economic cost from cyberattacks.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]