International Cyber Expo International Cyber Expo
  • About Us
Wednesday, 15 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

UK Critical Infrastructure Liable to Fines for Skipping Basic Cyber Security Checks

by The Gurus
August 30, 2017
in Editor's News
Smart city
Share on FacebookShare on Twitter

Over a third of national critical infrastructure organisations in the UK (39%) have not completed basic cyber security standards issued by the UK government, according to data revealed under the Freedom of Information Act by Corero Network Security.
The fact that so many infrastructure organisations have not completed the ’10 Steps to Cyber Security’ programme indicates a lack of cyber resilience within organisations which are critical to the functioning of UK society. It also suggests that some of these organisations could be liable for fines of up to £17m, or four percent of global turnover, under the UK government’s proposals to implement the EU’s Network and Information Systems (NIS) directive, from May 2018.
The Freedom of Information requests were sent by Corero, in March 2017, to 338 critical infrastructure organisations in the UK, including fire and rescue services, police forces, ambulance trusts, NHS trusts, energy suppliers and transport organisations.  In total, 163 responses were received, with 63 organisations (39%) admitting to not having completed the ’10 Steps’ programme. Among responses from NHS Trusts, 42% admitted not having completed the programme.
“Cyber attacks against national infrastructure have the potential to inflict significant, real-life disruption and prevent access to critical services that are vital to the functioning of our economy and society”, said Sean Newman, Director of Product Management at  Corero. “These findings suggest that many such organisations are not as cyber resilient as they should be, in the face of growing and sophisticated cyber threats.”
The Freedom of Information data also revealed that most UK critical infrastructure organisations (51%) are potentially vulnerable to DDoS attacks, because they do not detect or mitigate short-duration surgical DDoS attacks on their networks.  As a result, just 5% of these infrastructure operators admitted to experiencing DDoS attacks on their networks in the past year (to March 2017).  However, if 90% of the DDoS attacks on their networks are also shorter than 30 minutes, as experienced by Corero customers, the real figure could be considerably higher.
Sean Newman, continues: “To keep up with the growing sophistication and organisation of well-equipped and well-funded threat actors, it’s essential that organisations maintain comprehensive visibility across their networks, to instantly and automatically detect and block any potential DDoS incursions, as they arise.”

Tags: CybersecurityTechnology
ShareTweet
Previous Post

Imperva Survey Shows Nearly a Quarter of Companies Haven’t Hired a Data Protection Officer

Next Post

What’s the secret of the Higher-growth MSPs?

Recent News

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

Forescout Uncovers AI Assisted Phishing Campaign Using Fake eCards

July 14, 2026
Lidl Confirms Data Breach After Third-Party IT Provider Hack

Lidl Confirms Data Breach After Third-Party IT Provider Hack

July 14, 2026
Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

Black Duck Adds AI-Powered Triage and CRA-Ready Checks to Coverity Static Analysis

July 14, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

AI has crossed from assistant to operator, Check Point research warns

July 14, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol