NCSC Expects Major Cybersecurity Attack in the UK the Next 2 Years

IT security guy

IT security guyThe UK needs to be prepared for a major cybersecurity attack that could happen in the next two years, according to National Cyber Security Centre head Ciaran Martin.

Otherwise called a category one (C1) attack, Martin said that the country has been able to avoid such threats in the last 15 months due to pure luck.

Risk management

While it may not be entirely possible to prevent cyber-attacks, a company should be able to “cauterise the damage,” according to Martin. So far, the most prominent cyber-attack to hit the UK happened in May 2017, when the WannaCry virus affected many National Health Services facilities in the country.

This ransomware attack only constituted a C2 level type. On the other hand, a C1 level attack would seriously affect critical infrastructure and put human lives at risk. If these are not enough reasons, then paying a steep penalty for not having cybersecurity initiatives could compel businesses to begin adopting more stringent measures.

Steep fines

The British government plans to impose up to £17 million of fines to companies for non-compliance with a new cybersecurity rule. The regulation will take effect on May 10 and will require industries to be prepared against online threats, particularly those that work in the energy, healthcare, transportation and water industries. Former Digital Minister Matt Hancock said that the fines would be a last-ditch effort to expand the practice of cybersecurity among different sectors.

This means you should already have updated protocols for security, including contingency plans for an efficient HR management system. Modules for human resource management software systems are necessary particularly for employees that handle sensitive information.

As early as now, companies must be ready to protect their digital infrastructure and confidential information or risk paying a high price in the future. What is your strategy against cyber-attacks?