News in the Channel - issue #36

UK CYBER SECURITY RESILIENCE BILL

Securing safety in supply

It's not only individual MSPs that may feel pressure, as adhering to the bill depends on the whole supply chain. If one supplier has poor cybersecurity controls, this weakness could expose organisations that rely on its services. The cyberattack on Marks & Spencer last April shows the scale of disruption from supply chain fragility. The retailer lost an estimated £300 million in profit, with over a month of disruption, after a hacker group used phishing to gain access to company files through a third-party vendor.

As part of the UK Cyber Security & Resilience Bill, regulators will expect MSPs to prove that their critical suppliers meet cyber security standards like ISO 27001 for information security or the government-backed Cyber Essentials. To secure visibility, MSPs are encouraged to share evidence of compliance as well as to monitor which suppliers meet these standards. Documentation also needs to match the vendor's practices, with active assurance given on incident response performance through meetings and test results that are audited.

Visibility tools also make this process smoother. These software platforms work by collecting supplier data from questionnaire responses, certifications and incident history to determine a risk score. They also alert businesses when a vendor's status changes, so MSPs are kept informed of the latest details, enabling them to stay ahead with their cybersecurity measures.

As an MSP, OryxAlign uses its own technical and regulatory experience to support organisations across multiple sectors in refining their cybersecurity resilience. This includes aligning practices with changing standards like the Cyber Security & Resilience Bill. Services span IT strategy, network management and cloud technology, approaching projects with governance in mind to ensure scalable digital infrastructure that is trustworthy.

The Cyber Security and Resilience Bill will not be the UK's final say on digital infrastructure legislation, and governance will continue to change while cyberattacks remain a prominent threat. For MSPs, successfully meeting new regulations will depend on readiness and visibility. While these requirements test smaller providers, those that invest early in a structured response plan and clear supplier assurance will be prepared with future-proof methods as digital infrastructure continues to change.

www.newsinthechannel.co.uk
