Citation[]
Department for Digital, Culture, Media & Sport, Cyber Security Regulation and Incentives Review (Dec. 21, 2016) (full-text).
Overview[]
This review considered whether there is a need for additional regulation or incentives to boost cyber risk management in the wider economy.
The Review makes a number of conclusions and recommendations, including:
- • There is a strong justification for regulation to secure personal data, as there is a clear public interest in protecting citizens from crime and other harm.
- • Government will therefore seek to improve cyber risk management in the wider economy through its implementation of the forthcoming General Data Protection Regulation (GDPR). The breach reporting requirements and fines that can be issued under GDPR will represent a significant call to action for industry.
- • This will be supplemented by measures to more clearly link data protection with cyber security, including through closer working between the Information Commissioner's Office and the new National Cyber Security Centre.
- • Further new measures include working with the investment community to produce cyber security guidance, and working with regulators via a new Regulators' Forum which will share good practice and threat information.
- • For now, Government will not seek to pursue further general cyber security regulation for the wider economy over and above the GDPR.