answer text |
<p><strong></strong></p><p>In 2018 the Government put in place new powers under the
Network and Information Security (NIS) Regulations which require the most significant
operators in the energy, transport, health, water, and digital infrastructure sectors
to manage cybersecurity risk, including from the supply chain. The Competent Authorities
who regulate the critical national infrastructure operators in scope of NIS may inspect
and potentially impose fines of up to £17 million. Outside of NIS any powers are sector
specific. Expert technical support from the National Cyber Security Centre (NCSC)
is provided to regulators and operators to ensure that cyber security risk is managed
and mitigated in a consistent way across the UK’s CNI.</p>
|
|