House of Parliament Joint Select Committee publishes report on cybersecurity and critical national infrastructure
A Joint Select Committee has warned that that the Network and Information Systems Regulations 2018 are not a ‘silver bullet’ when it comes to protecting Critical National Infrastructure (CNI) from cybersecurity threats.
The Committee’s misgivings are set out in their 2nd report emerging from their inquiry (the first dealt with cybersecurity skills.)
The report itself more generally covers the challenges for protecting national infrastructure, outlines the National Cyber Security Strategy and defines what ‘critical’ means in this context but in Part 4 it deals with the NIS Regulations. While welcoming the more robust regulatory framework these regulations introduced, and which they expect to “set a higher benchmark for cyber risk management“, the report’s authors go on to say the NIS Regulations are not a ‘silver bullet’ because:
We are therefore concerned that the NIS Regulations will not be enough in themselves to achieve the required leap forward in cyber resilience across all CNI sectors.”
The Committee is also concerned of the potential impact of Brexit, “given that cyber threats do not stop at national borders” and so they urge the Government to “prioritise maintaining access to the EU’s NIS Coordination Group and its workstreams to facilitate continued information-sharing and collaboration with EU Member States.”