The UK Government has proposed a bill to improve the nation's cybersecurity defences following a ransomware attack that severely impacted hospitals and healthcare providers in London.
The proposed Cyber Security and Resilience Bill is part of the new legislative agenda and aims to fortify supply chains and enforce stricter reporting of ransomware incidents.
It was included in the King's Speech on 17 July and outlines new Prime Minister Keir Starmer's plans to address cybersecurity vulnerabilities.
According to Bloomberg, the bill’s focus on supply chains underscores the increasing risks faced by the UK’s public services and their suppliers.
Its introduction comes after a recent cyberattack targeting Synnovis, a company that provides pathology services for many UK hospitals.
The incident disrupted blood-testing services and resulted in numerous medical appointments and operations being cancelled or delayed.
The National Health Service (NHS) reported on 11 July that 6,199 acute outpatient appointments and 1,491 elective procedures had been postponed due to the incident.
Hackers leaked around 400GB of sensitive data, including information on newborn babies and pregnant women, after Synnovis did not meet their $50m ransom demand.
The breach has raised concerns about patient privacy and the security of third-party suppliers, which London hospital executives had reportedly been aware of for years.
Bloomberg noted that the UK's current cybersecurity laws were inherited from the European Union (EU) and have not been updated in line with the EU's recent legislative changes.
A policy document accompanying the draft bill highlights the need for an 'urgent update' to ensure the resilience of the nation’s infrastructure.
The government has also proposed a draft law to make more national data available for scientific research and digital services.
In his address, King Charles III mentioned that the government plans to introduce 'appropriate' legislation to regulate AI models.