A lot happened in cybersecurity yesterday. First, the UK issued new tougher security and resilience measures for data centres to protect against potential disruption. Second, the UK and EU held their first Cyber Dialogue covering cybersecurity and resilience, preparedness and response to cyber incidents and attacks, cybercrime, cyber defence and building cybersecurity capacity in third countries.
Yesterday the UK issued new proposal aimed at protecting data storage facilities from cyber attacks, physical threats and extreme weather events. The new minimum security and resilience requirements will have regulatory oversight to ensure compliance, including new incident reporting requirements, and seeks to promote the UK to tech investors as well as safeguard UK national security. This comes on the back of the UK's cyber chief stating that there is an ‘enduring and significant’ threat to the UK's most critical infrastructure. The proposal for new laws seeks to ensure data centre operators boost security and resilience to reduce disruption, interruption or compromise access to data by businesses that rely on data centres. The UK government has issued a consultation on the topic which is open until 22 February.
The UK and EU Cyber Dialogue included exchanges on the latest legislative developments with an agreement to continue exchanges on policy developments, such as via the United Nations’ Cyber Programme of Action. The Dialogue discussed enhancing global cyber resilience and how to address and respond to malicious cyber activities. The UK and EU plan a second Cyber Dialogue in London in 2024.