by Bharat Mistry
There’s a major new piece of EU cybersecurity-related legislation landing in May, but it might not be the one you’re thinking of. Most UK organisations have their eyes firmly focused on the General Data Protection Regulation (GDPR). But arguably just as important for companies operating in critical infrastructure sectors is the new Security of Network and Information Systems (NIS) Directive. It introduces a range of best practice security steps which organisations must follow: fail to do so and you could face a GDPR-sized fine of up to £17m.
The government has already committed to transposing the directive into UK law irrespective of Brexit. With a 10 May deadline looming, the clock is ticking. Continue reading