24 Aug UK organisations could face huge fines for cyber security failures
British organisations could face fines of up to £17m, or 4% of global turnover, if they fail to take measures to prevent cyber-attacks that could result in major disruption to services such as transport, health or electricity networks.
But the proposals, which are being considered as part of a government consultation launched on Tuesday, say that financial penalties will be used as a “last resort” and not applied if organisations facing an attack can prove they assessed the risks adequately.
The move comes after the NHS became the highest-profile victim of a global ransomware attack, which resulted in operations being cancelled, ambulances being diverted and patient records being made unavailable.
The coordinated attack that infected a large number of computers across the health service was linked to WannaCry malicious software.