- More firms providing essential digital services should follow strict cyber security duties with large fines for non-compliance
- Other legislative proposals include improved incident reporting and driving up standards in the cyber security profession
New laws are needed to drive up security standards in outsourced IT services used by almost all UK businesses, the government says. Other proposals being published today include making improvements in the way organisations report cyber security incidents and reforming legislation so that it is more flexible and can react to the speed of technological change. The UK Cyber Security Council, which regulates the cyber security profession, also needs powers to raise the bar and create a set of agreed qualifications and certifications so those working in cyber security can prove they are properly equipped to protect businesses online.