Companies that fail to protect themselves effectively from cyber-attacks will face fines of up to £17m, the UK government has announced.
Energy, transport, water and health companies are expected to have 'the most robust safeguards'.
Regulators will be able to inspect cyber-security at such companies, under a new government directive.
In August last year, former Digital Minister Matt Hancock said imposing the fines would be a "last resort".
At the time, the penalties were part of plans subject to a consultation that has now been completed.
"We want our essential services and infrastructure to be primed and ready to tackle cyber-attacks and be resilient against major disruption to services," said the current Minister for Digital, Margot James.
Guidance for companies working in the relevant sectors has been published by the National Cyber Security Centre.
The government said the new rules would be effective from 10 May and cover breaches including disruptive ransomware outbreaks, such as the WannaCry attack that hit many NHS facilities in May 2017.
"With so many nations, including the UK, now relying on digitalisation, hackers may look to cause mass disruption by targeting critical national infrastructure," said Jens Monrad, at cyber-security company FireEye.
"This could be systems, which the UK government and citizens rely on, like healthcare systems, water supply and electricity."
Mr Monrad added FireEye had recently detected new strains of malicious software designed to manipulate industrial safety systems.
The thought of having a website or business taken down by a hacker or hacking group is a chilling thought in itself, let alone having it attacked by an extremist hacker group.
A New Zealand woman, Ms Crystella, has had her business website "hijacked" by an apparent Islamic extremist hacker group, which replaced her site with photographs including ones depicting Isis flags. Ms Crystella said when she first noticed the hack, there was a timer on the page, which she worried could be linked to videos of Isis beheadings. Police told her the site needed to be "shut down immediately", because it posed a security risk, and quizzed her for 45 minutes asking "thorough" and "specific" questions.
Last June a number of Australian websites were targeted by the group, with one report claiming thousands were hacked in a single day. Australia's biggest car mechanic group, Ultratune, was hacked in May last year by the same group, in a hijacking which appeared to be making a statement about the conflict in the Middle East.
Check out this fantastic article from our friends at Delta Insurance, released as a feature from their thought leadership series.
The article provides a real world view of the predominant risks facing New Zealand SMEs, such as simple daily threats like malware, viruses and scams. With the rise of cloud computing we have seen strong cost savings come online applications for many small businesses, however this often comes at the compromise of data security.
The article also provides an overview of the legislation in New Zealand, the gaps in traditional insurance products, risk management strategies and the overall rise and relevance of Cyber Liability Insurance
If a hacker is determined to get into a company's systems, it is hard to stop them.
The Price Waterhouse Coopers (PWC) survey found 43 percent of New Zealand respondents said their employee records had been compromised. In comparison, the global figure is 29 percent.
A new report suggests New Zealand organisations are lagging behind the rest of the world when it comes to privacy and internet security.
New Zealand had the fourth-highest number of cyber-attacks in the Asia Pacific region last year. Whether it is at home, or at the office, our connectedness with the internet these days means that we are at risk whenever and however we engage with every day life.
Tips for cybersecurity:
Check out this great video featured on Insurance Business TV. It provides a more holistic view around the rise of cyber insurance, and why an SME should now expect his broker to discuss cyber insurance as a very real risk prevention strategy. The video covers a range of topics including how Cyber insurance is not new but has become increasingly relevant, especially with new legislation in place.
Cybercriminals took an average $32,000 from small business accounts that they hacked in 2015, according to a December survey of owners by the advocacy group National Small Business Association. What is really scary is that businesses don't have the same legal protection from bank account fraud consumers have.
Whether a business is protected depends on the agreement it signs with a bank, says Doug Johnson, a senior vice president with the American Bankers Association, an industry group. If the business hasn't complied with any security measures required by the agreement, it could be liable for the stolen money, he says.
Thieves are increasingly using realistic-looking emails to trick companies into transferring money from their accounts with what's known as wire transfers. Often, an employee receives an email purportedly from a company executive asking them to transfer the money from the company's account into a specific external account. If employees don't check to be sure the request is legitimate, they might go ahead and authorize a withdrawal.
A great article showcasing the NZ markets exposure to cyber threats and just what a business should consider when assessing its options for protection.
This article and video suggest that Cyber security is the third biggest risk to businesses however when the Prime Minister was asked recently, what's the biggest risk to New Zealand businesses, he said "cyber security".
The article provides a real world view of how Cyber impacts New Zealand businesses, showcasing Spark's network operations centre in Auckland and how it is attacked thousands of times each day, "on average, about 3800 attacks a day", says Colin Brown, general manager.