The UK has been described as being closer to the US model of collaborative regulation than the European Union's one of coercion.
Speaking in a session at the SC Magazine Cyber Security Day, Stewart Room, partner at Field Fisher Waterhouse, said that there is a unity of data and security protection zones, and that he was seeing a ‘coalescence' of legal standards but a difference in tact.
He said: “The EU is saying that you should disclose and should have strong reporting standards. The US seems to have a cooperative approach while the EU is more coercive, and we see that the UK is more aligned with the US.
“The UK doesn't want a regulator with a big stick where the EU does and we are closer to the US, in any event we are going to the same place even from across the Atlantic.”
Room said that as the EU focuses on cyber security strategies, a cooperation plan needs to be built and member states need to work across utilities, while an ‘intelligent regulator' is needed to regulate cyber space and a computer emergency readiness team (CERT) is needed to flow information from country to country.
“The EU environment for regulation is not a cooperative environment, it is a coercive one. The US likes to look at incentives or how things can be adopted in a voluntary way,” he said.
Asked why the UK was closer to the American model than the European one, Room said that this was the way that the EU works, with tough regulations and sanctions.
A poll of the audience, asking whether they agreed whether a breach should be reported to the regulator, found that 79 per cent agreed that you should report if you suffer a breach.