The UK Network and Information Systems Regulations 2018, which implement the Network Information Systems Directive, are now in force.
The EU's Network Information Systems Directive is designed to sit alongside the GDPR and brings in cybersecurity and breach reporting requirements for Digital Service Providers (an online marketplace, an online search engine or a cloud services provider) and Operators of Essential Services.
The Directive has been implemented in the UK by the Network Information Systems Regulations 2018, which came into force on 10 May 2018.
If you think the Regulations apply to you, you will probably be waiting for guidance from the ICO and the National Cyber Security Centre to flesh them out. While the regulators have said they will not be heavy handed with enforcement in the first year of the Regulations, compliance should have already begun.
To find out more about who is caught by the Regulations and how to comply with them, read our article.