In February 2013, the European Union published the EU Cyber Security Strategy and accompanying Directive (covered in previous posts, and available here). Now, in anticipation of the implementation of the Directive, the UK’s Department for Business, Innovation and Skills (BIS) has published a call for evidence to look at the impact of the Directive upon businesses in the UK.

Specifically, the UK government is preparing an initial impact assessment on the potential effects of the Directive in the UK and has launched the call for evidence in order to gather data to inform the evidence base for this assessment. The consultation closes on 21 June 2013, and is available to download here, although an online response version is also available.

The consultation document invites evidence in three main areas:

  • information on what the requirements and costs are for existing reporting mechanisms;
  • input on the additional requirements and costs for business if the measures set out in the Directive are implemented;
  • views on additional benefits which would result from implementing the measures set out in the Directive.