Air IT urges more stringent cyber security measures ahead of King’s bill

Nottingham-based Air IT, a managed IT services provider, has urged small and medium-sized businesses to take action in light of new technology bills announced in the recent King’s Speech. In the coming months, Parliament is set to introduce the Cyber Security and Resilience Bill, alongside the Digital Information and Smart Data Bill.

Following parliamentary debate and approval, these bills will receive Royal Assent, becoming legally binding. Although the King’s Speech did not mention a new AI bill, the Government has expressed its intention to legislate for the development of advanced AI models in the future. The Cyber Security and Resilience Bill aims to combat the increasing number of cyber security breaches and attacks, while the Digital Information and Smart Data Bill seeks to foster economic growth through innovative data usage.

The Cyber Security and Resilience Bill is designed to bolster cyber security across a wider range of firms by expanding current regulations, enhancing regulatory powers, and increasing reporting requirements to provide a clearer picture of cyber threats within the UK.

Lee Johnson, Managing Director of Air Sec, Air IT’s cyber security division, said: “This bill highlights the urgency to fortify the UK’s cyber defences, securing critical infrastructure and digital services. For businesses, more stringent cyber security requirements will be mandated, making cyber security a key budget priority for businesses, both large and small.

“The previous UK government had begun to look into reforming the  Security of Network & Information Systems regulations regime through a review and consultation. However, the new bill will likely extend the scope of NIS regulations to cover more digital services and supply chains, incorporating and mandating additional layers of incident reporting obligations and stronger regulatory powers and penalties for non-compliant businesses.”

This legislation aims to align the UK’s regulations with the EU’s proposed Cyber Resilience Act, an act which covers a wide range of products, focusing on enhancing the security posture of the connected ecosystem and mandates incident reporting, including ransomware attacks, to improve data on cyber threats.