The Government will highlight ‘operators of essential services’ tomorrow (9th November) – to comply with new requirements set out in the European Security Network and Information Systems Directive (NIS)
The Directive requires identified businesses and service providers to ensure their technology, data and networks are secured and cyber resilient.
The Directive links to the UK’s National cybersecurity strategy of ‘Defend, Deter and Develop’.
Under this strategy, organisations within vital sectors will be required to update their security measures to manage risks to their network and information systems.
According to the National Cyber Security Centre, the UK has been hit by more than 1000 serious cyber attacks over the past two years.
The increasing threat has led to 69% of organisations in the UK spending more on their IT security spending.
But World Wide Technology has warned that growing sophistication of cyber attacks requires more than increasing the spend on cybersecurity products.
Dave Locke, Chief Technology Officer at World Wide Technology said: “The increase in regulations combined with the augmented risk of cybersecurity attacks has led to an exponential rise in companies focusing on revamping their security and compliance infrastructures.
“Strategies have been remodelled to move on from corrective measures to a more proactive approach to cybersecurity.
“Businesses are increasingly undergoing full assurance exercises to map out applications and processes in their existing system before embedding new controls into their target environments.
“But due to the complex nature of existing systems which have been built with different and sometimes conflicting metrics over the years, legacy infrastructures now consist of a complex patchwork of applications which communicate with each other in complicated ways.
“This network of opaque interdependencies creates a significant challenge to businesses, which means they have to undertake an extensive discovery phase to create a real-time picture of the entire network.
“Once this has been done, dynamic controls can be embedded so the IT networks are not only immune to cyber vulnerability, but also increasingly transparent and self-auditable.”