The UK’s ability to protect itself against cyber-attacks won’t change if the country opts to leave the European Union, a survey of cyber-security professionals suggests.
The study, conducted by cyber-security firm Tripwire, involved 278 information security professionals who attended the InfoSecurity Europe conference in London last week.
64 per cent of the respondents said that choosing to leave the European Union in the June 23 referendum won’t affect the UK’s ability to protect itself from cyber-attacks. The info-security professionals also suggested that in case of Brexit, the UK could reconsider national implementation of several recent EU data privacy and cyber-security regulations.
“Most information security professionals appear unconcerned with the impact of this referendum on UK cyber-security,” said Neil Harvey, vice president of EMEA for Tripwire. “This could mean that they believe that the UK’s approach to cyber-security won’t change significantly either way, but it’s also possible that EU hasn’t provided enough transparency around the impact of new regulations in the near term to make a difference to professionals that grapple with these issues every day.”
New legislation that the UK might opt to avoid is the EU’s anticipated General Data Protection Regulation (GDPR), expected to come into force in February 2018, which will introduce concepts such as the right to be forgotten, data portability, data breach notification and accountability. Another piece of legislation is the Network and Information Security Directive, also known as the Cyber Directive, coming into force in August. This directive will require all critical infrastructure operators such as electricity, oil and gas suppliers, transport infrastructure operators like railways and airlines, as well as healthcare and financial institutions and internet service providers to report all cyber-security incidents.
“Cyber threats and attacks transcend national boundaries and politics and the only way we can defend ourselves is to share information and collaborate,” said Adrian Davis, regional managing director for global IT and cyber-security association ISACA.
“I’m confident that, as a profession, we will continue to help each other regardless of whether our nation is in or out.”