Seven Takeaways from the UK Government’s Cybersecurity Regulation and Incentives Review

6 February 2017
View Client Update

Key takeaways

  • Building on the UK Government’s recently issued cybersecurity strategy, the UK Department for Culture, Media & Sport has published its Cyber Security Regulation and Incentives Review.
  • While the Government has decided not to implement prescriptive cybersecurity regulations, businesses should not forget the demands of pre-existing and future data protection obligations, most notably the GDPR, on their cybersecurity programmes.
  • Going forward, businesses which fail to implement appropriate cybersecurity systems and controls may face significant penalties from both data protection authorities and financial regulators.