The UK's infrastructure could face up to a 100% increase in cyber attacks in the next two years, as the growth in Internet-connected systems gives criminal hackers a larger attack surface and more vulnerabilities to exploit.
Data breaches could have devastating ramifications, such as essential information being held to ransom, business interruptions and even loss of life.
This increase in cyber attacks comes at an unfortunate time for the UK: two thirds of UK companies have a shortage of cyber security personnel with sufficient expertise to work on cyber security defences.
Considering this, and with new EU legislation such as the General Data Protection Regulation (GDPR) and the Directive on Security of Network and Information Systems (NIS Directive) less than six months away, it’s imperative for organisations operating in the UK’s critical infrastructure to implement and enhance their cyber resilience.
The NIS Directive
The NIS Directive applies to operators of essential services (OESs) and digital service providers (DSPs) that support the nation’s critical infrastructure.
It requires these organisations to enhance their cyber security by employing risk management and appropriate security measures, as well as measures that minimise the impact of incidents and ensure business continuity.
There will be a further six months for OESs to be identified, but with the number of cyber attacks expected to skyrocket, it’s important that organisations begin preparations now to improve their cyber resilience.
Don’t leave your company vulnerable to cyber attacks
The best way to meet the requirements of the NIS Directive is to build a cyber resilience strategy that implements:
- Robust cyber security defences;
- Adequate cyber risk preventative measures; and
- Appropriate tools and systems to deal with and report incidents and data breaches.
Although this may seem like a daunting task, IT Governance offers a comprehensive range of cyber resilience solutions to help you remove your cyber security vulnerabilities and make complying with the NIS Directive a hassle-free journey:
- Information security management, supported by the international information security standard, ISO 27001.
- Business continuity and cyber incident response management, supported by the international standard for business continuity, ISO 22301.