Companies face fines of up to £17m for leaving themselves open to cyber attacks

Firms which negligently leave themselves open to cyber attacks could be hit with huge fines of up to £17 million or 4% of their global turnover, under Government proposals.

Companies working in the fields of energy, transport and health are among those which could be targeted in a planned crackdown by the Department for Digital, Culture, Media and Sport (DCMS).

It is intended to make sure that those providing essential services are taking strong enough measures to prevent crippling hacking attacks.

The proposed minimum expected standards include monitoring for threats, processes to detect cyber attacks, staff training in cyber security, and measures for quick recovery of systems after an attack.

If a company fell victim to a cyber attack and was then found to have not met the standards, they could then be fined, according to the DCMS plans, which have been launched as part of a consultation on network security.

Minister for Digital Matt Hancock said: "We want the UK to be the safest place in the world to live and be online, with our essential services and infrastructure prepared for the increasing risk of cyber attack and more resilient against other threats such as power failures and environmental hazards."

It comes after several major global cyber attacks in recent months, including the WannaCry attack that crippled large parts of the NHS and another major ransomware attack that hit many of the world's largest firms.

Businesses and public providers have been urged to respond to the DCMS plans.