Government lays out plans to protect telecoms networks against cyber attacks
New regulations and a code of practice will require firms to protect their networks from the threat of cyber attacks.
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.Telecoms providers will be required to put in place new, stronger security measures to protect UK networks from cyber attacks under plans published by the Government.
The new regulations and a code of practice for telecoms firms will compel them to carry out more in-depth risk assessments and tighten security controls, with large fines for those found to be in breach.
Digital infrastructure minister Matt Warman said the new rules would introduce “one of the world’s toughest telecoms security regimes” and better protect UK networks from current and future threats.
The new rules, which have been developed with the National Cyber Security Centre (NCSC) and industry regulator Ofcom, are to be introduced as secondary legislation in Parliament as part of the Telecommunications (Security) Act, which became law last November.
The regulations will require network providers to protect the data processed by their networks and services as well as the software and hardware which is used to monitor their networks, and to take account of supply chain risks – such as who has the ability to access their networks and services.
They will give Ofcom the power to issue substantial fines of up to 10% of turnover or, in the case of a continuing contravention, £100,000 a day.
The regulator will also have the power to carry out inspections of firms’ premises and systems to ensure they’re meeting their new obligations.
“We know how damaging cyber attacks on critical infrastructure can be, and our broadband and mobile networks are central to our way of life,” Mr Warman said.
“We are ramping up protections for these vital networks by introducing one of the world’s toughest telecoms security regimes which secure our communications against current and future threats.”
The Government said that providers will be subject to the new rules from October, with firms expected to have met the security duties and be following the guidance in the code of practice by March 2024.
The code will then be updated periodically to ensure it keeps pace with evolving cyber threats, the Government said.
Dr Ian Levy, technical director at the NSCS said: “We increasingly rely on our telecoms networks for our daily lives, our economy and the essential services we all use.
“These new regulations will ensure that the security and resilience of those networks, and the equipment that underpins them, is appropriate for the future.”