The Department for Digital, Culture, Media & Sport has published new measures to enhance security of businesses’ IT services vide notification dated November 15, 2021, such as:
- Introduction of new proposals for digital management firms to follow tough new security standards.
- IT service providers could be required to follow new cyber security rules such as the National Cyber Security Centre’s Cyber Assessment Framework as part of new proposals to help British businesses manage the growing cyber threat.
- Other plans to protect the country’s digital supply chains include new procurement rules to ensure the public sector buys services from firms with good cyber security and plans for improved advice and guidance campaigns to help businesses manage security risks.
- The move follows a consultation by the Department for Digital, Culture, Media and Sport (DCMS) to enhance the security of digital supply chains and third-party IT services, which are used by firms for things such as data processing and running software.
- The government’s National Cyber Security Centre (NCSC) already offers a raft of cyber security support and advice on identifying business-wide risks and vulnerabilities – including the Cyber Assessment Framework – as well as specific Supply Chain Security and Supplier Assurance guidance.
- Defence against ransomware attacks and the Cyber Essentials scheme offers small and medium-sized firms a cost-effective way of getting basic measures in place to prevent many cyber-attacks.