Policy paper

Government response on amending the NIS regulations

The government's response to a call for views on amending the Security of Network and Information Systems (NIS) Regulations

This was published under the 2019 to 2022 Johnson Conservative government

Documents

Details

In July 2021 the government held a call for views on amending the Security of Network and Information Systems Regulations (the “NIS Regulations”.) This document contains a summary of the responses received, along with the government’s response to the issues raised.

The NIS Regulations set out rules to boost the level of security (both cyber and physical resilience) in digital services (online marketplaces, online search engines, cloud computing services) and essential services (transport, energy, water, health, and digital infrastructure services). The call for views in July sought feedback on the government’s proposal to move incident reporting thresholds from legislation to ICO guidance.

The government received 91 responses to the call for views. The responses were generally positive or neutral towards the proposals. Suggested improvements, constructive comments, or areas of concern have been responded to in this document. The government strongly believes the proposed changes in this statutory instrument will maintain and enhance the effectiveness of NIS legislation in protecting the security of network and information systems for digital service providers. We will publish details of what will happen next in due course.

This publication is part of the government’s wider work to protect the UK online and improve the cyber resilience of organisations across the economy and society. For more information, please read the section on cyber resilience.

Updates to this page

Published 17 November 2021

Sign up for emails or print this page