back to article EU cybersecurity directive will reach Britain, come what May

The passage of the EU Directive on the Security of Network and Information Systems (NIS) will have a profound effect on corporate security across Europe and even in Britain, despite the Brexit vote. The NIS Directive applies to organisations that provide elements of a country’s critical national infrastructure – i.e. operators …

  1. Chris Hawkins
    Linux

    Come what May?

    Hmm!!

    Well May has come! ;)

    1. Chris Miller

      Re: Come what May?

      Nurse! The mind bleach!!

  2. Lotaresco

    A good thing

    It's difficult to see this directive as anything other than a good thing. One reason that the UK has such a grip on world banking is a global reputation for trust and stability (even despite the things bankers have done to break that reputation). Establishing the same reputation for the care of personal and mission-critical data could lead to a similarly dominant position for the UK in data storage and processing. Handled appropriately this could be very good news.

    I'm hoping our politicians are going to "get" the potential and not foul things up.

    1. Voland's right hand Silver badge

      Re: A good thing

      Go and tell that to the demented lot who is only interested in staying in power courtesy of racist nana's vote.

      They quite happily will burn anything and everything to be elected for next term. That includes digital services (which make nana unhappy as it is used to distribute filthy pictures), financial services (which make nana unhappy as it is used to make money by filthy foreigners), "insert your name here" services (which make nana unhappy just because it is not good old industry like British Leyland).

    2. John Brown (no body) Silver badge

      Re: A good thing

      "I'm hoping our politicians are going to "get" the potential and not foul things up."

      With Theresa "Snoopers Charter" May in charge during the exit period? I should cocoa!!

  3. easytoby

    Bigger Problem: May's stance on encryption

    The bigger cloud accompanying May's appointment (as opposed to election....) is her stance on encryption. I assume she is an intelligent person, however her past comments on encryption and her desire to see a state agency back door into private communications, point either to an ignorance of the facts or a deliberate ignoring of the implications

    1. Sir Sham Cad

      Re: Bigger Problem: May's stance on encryption

      I suspect come Wednesday when she no longer has the Home Office brief she'll find it to be SEP.

    2. Brent Beach

      Re: Bigger Problem: May's stance on encryption

      Somewhat sad that the best the Conservative Party has to offer is a person who showed staggering incompetence in her previous job, on a technical level.

      Her main quality as a leader appears to be her blind and unshakable ability to follow orders.

      You have to wonder who is giving the orders these days.

      No one in the party appears to have the least idea and no one else wants the job.

      The worst casualty of these neoliberal times appears to be the political class itself.

  4. Slx

    Down with this red tape!

    [sarcasm]This is ridiculous red tape! The UK needs to be free to give all its data to hackers and ban that awful encryption that gets in the way of legitimate random browsing of hard drives.

    [/sarcasm]

    1. Anonymous Coward
      Anonymous Coward

      Quite so! Laissez-faire all the way!

      (thankfully BrExit is no bar to Franglais)

      The very core of BrExit is returning governance to proximate hands from remote ones. And who, I ask you, is nearer to a cockup in handling your data than the people who cocked it up? So let's not burden down companies with onerous reporting (at just the time they'll need all hands at the data pumps too) - and I promise you, in years to come we'll see that the number of reported privacy breaches in the UK is a fraction of those reported in the EU. Huzzah!

    2. Bloakey1
      Coat

      Re: Down with this red tape!

      Nooooo!!! Up with more red tape. Let us keep these Johnny foreigner hackers away from Blighty's shores.

      Build a barrier, mine it and monitor it constantly make everybody have a digital ID card and perform regular sweeps and lock downs of areas where these people congregate.

  5. Anonymous Coward
    Trollface

    EU and whose army?

    After two World Wars, we don't need advice from Johnny Foreigner !

    1. Sir Sham Cad

      Re: EU and whose army?

      Welp maybe we do. Unless we already have legislation in place that covers this in which case we're already compliant. If we don't then maybe we should listen to Johnny F this time round.

    2. Version 1.0 Silver badge

      Re: EU and whose army?

      If it had not been for Johnny Foreigner, it's a safe bet we'd not been speaking English right now.

  6. elaar

    "Even after that period, UK companies that process EU citizens’ personal data will still be obliged to comply."

    I assume then that this applies to every other country in the world that processes EU citizens' personal data. How are they going to enforce it?

    1. Sir Sham Cad

      If you look at the Safe Harbor stuff then a) yes they do and b) by advising against using non compliant services hence making the people who want to sell those services up their game and/or by adding legal liability for data breaches caused by using non compliant services.

    2. Nick Kew

      You enforce it by making it illegal for a non-compliant company to do business.

      Same as any other regulation. If a company makes a car with no brakes, it would (I presume) not be legal to sell those for use on Europe's roads. Or all those lead-painted toys we used to import.

  7. Baldy50

    Our server, thou art in the cloud, hallowed shall be your drives!!!!!!!!

    I don't know but could we and others be heading for a 'Great Firewall of' 'Name Of Country' Under May, as she doesn't have a clue about the consequences of the reforms presented to her on this issue?

    1. Nick Kew

      Re: Our server, thou art in the cloud, hallowed shall be your drives!!!!!!!!

      We've had a UK Great Firewall for years. Google "Internet Watch Foundation". Hit the headlines in 2008 when it momentarily blocked wikipedia.

  8. ICPurvis47
    Headmaster

    The UK's withdrawal from the EU will take at least two years.

    "The UK's withdrawal from the EU will take at least two years so UK companies will be subject to the rules for several months, if not longer." Incorrect! The two year period is the maximum time for withdrawal, if UK has not done so within that period, it is automatically excluded. There is nothing to prevent our withdrawal on an accelerated timescale, well within two years, if the political and economic will is present.

    1. John Mangan

      Re: The UK's withdrawal from the EU will take at least two years.

      "if UK has not done so within that period, it is automatically excluded."

      That's not quite true - the deadline can be extended if ALL parties agree.

    2. John Brown (no body) Silver badge

      Re: The UK's withdrawal from the EU will take at least two years.

      "The two year period is the maximum time for withdrawal, if UK has not done so within that period, it is automatically excluded. There is nothing to prevent our withdrawal on an accelerated timescale, well within two years, if the political and economic will is present."

      That's true, but EU regulations are not laws. EU regulations are enacted into law by each sovereign nation member of the EU. As one of the worlds strongest economies and the 2nd biggest in the EU, the UK had a big hand in those EU regulations which are currently enshrined in UK law. Any bets on how long it will take for the first of those laws to be repealed?

      My bet is on never. I'm willing to bet that new statutory instruments and/or Acts of Parliament will be generated to amend existing law, not to repeal and/or replace any of them,

      1. Version 1.0 Silver badge

        Re: The UK's withdrawal from the EU will take at least two years.

        I believe the plan is to use Twitter to amend the laws to save time.

  9. toplard

    Yes. We've always known the Internet is inherently insecure

    So its curious we're suddenly concerned.

    Is anyone willing to consider the possibility the following is true, because then we'll have made the first step towards a remedy ? ...

    The problem is the Internet, not security, nor the attackers

    Root cause is the Internet itself. Its inherently insecure.

    Once we've accepted this to be true, we can begin the search for something to replace it?

    1. Snow Hill Island

      Re: Yes. We've always known the Internet is inherently insecure

      With apologies to Douglas Adams:-

      There is a theory which states that if ever anyone discovers exactly how to make the internet secure in a way which satisfies everyone, it will instantly disappear and be replaced by something even more bizarre and inexplicable.

      Some people argue that this has already happened.

    2. Bloakey1

      Re: Yes. We've always known the Internet is inherently insecure

      CIA!

      That is the solution. Apply that and we can make it so hard for any bugger to do anything that security will be good everywhere although availability might not be to hot.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon