Labour calls for law forcing businesses to report cyber attacks

Are businesses equipped for this requirement?

Labour has called for a law that requires all private companies to report cyber attacks that threaten the country's national infrastructure.

The EU has previously proposed to require all companies and organisations to notify the national supervisory authority of any serious data breaches within 24 hours, which IT companies have highlighted could be difficult if businesses don't have the systems in place to enable such reporting.

In a speech to the Royal United Services Institute (RUSI) today, Vernon Coaker, Labour's shadow defence secretary, said: "New types of threat, such as cyber, will increasingly test the resilience of UK critical infrastructure networks.

"Labour has already called on the government to ensure that every company working with the Ministry of Defence (MoD), regardless of its size or the scale of its work, signs up to a cyber-security charter.

"Building on this, we will also consult on the prospect of creating a statutory requirement for all private companies to report serious cyber-attacks threatening the UK's national infrastructure."

Earlier this month, Europe approved a new cybersecurity law - the Network and Information Security directive - mandating companies that own, operate or provide technology for critical infrastructure facilities to report security incidents. The EU wants to reach an agreement with member states, including the UK, by the end of 2014.

Tags Ministry of Defence

Show Comments