UK utilities from gas to water are scrambling to shore up their cybersecurity and spending big to do so – amid pressure from government watchdogs concerned at the wealth of poorly protected operational technology (OT) in the critical national infrastructure (CNI) space.
Assessment by the NCSC of previous industry breaches has resulted in the quiet creation of new requirements for utilities on cybersecurity under an “enhanced” Cyber Assessment Framework (e-CAF). Conformity is not required until March 2028 but organisations are moving fast to comply.
