Skip to main content
We are continuing to get a large number of reports of emails imitating Manx Telecom being sent to @manx.net addresses and are aware of over 35 subsequent account compromises.
Read More

Isle of Man residents should have confidence in the security and resilience of national infrastructure sectors to deliver essential goods and services. Essential services provided by both public and private sectors – such as our electricity grid, water supply and telecommunications systems should be able to withstand and recover from hazards that might disrupt their functions.

Unfortunately, hostile entities and criminals have recognised that this dependency creates an opportunity for what have become known as ‘cyber-attacks’.

The Department of Home Affairs wishes to introduce a National Infrastructure Security Bill to raise levels of cyber security and resilience for core services on the Isle of Man, which rely heavily on digital services.

For the purposes of this legislation the National Infrastructure means the systems and assets, including physical, digital and organisational, that are essential to the functioning of the Isle of Man and its economy.

The National Infrastructure for the Isle of Man comprises of many elements, commonly known as sectors and within those sectors will be businesses and organisations working to deliver the services upon which we rely.

Within this wide collection of businesses and organisations, known as entities, some will be more critical to our daily lives and the Isle of Man economy than others. Equally some will be larger than others.

Overview of the Proposed Bill

Some elements of the proposed bill include:

  • Cyber assurance framework for organisations.
  • Varying levels of compliance depending on factors such as size, sector and criticality.
  • Identification of a Competent Authority (CA) and Technical Authority (TA).
  • Notification periods for incidents which impact service delivery.
  • Enforcement regime for non-compliant organisations.
  • Designated Vendor Notices, Directions and Service Protection Orders

To explain this further we've created a handy guide to the proposed bill, and we encourage you to read and provide any feedback you may have.

The Roadmap

We have taken a number of steps for the implementation of the NISB, including internal and external consultation. The steps so far are as follows;

Summer 2022 - Internal consultation with CNI sectors

Spring 2023 - Political approval to explore the possibility of introducing a National Infrastructure Security Bill - added to the Department Plan

October 2023 - Announcement of National Infrastructure Security Bill at CYBERISLE 

February 2024 - Public consultation opens 

March 2024 - Public consultation closes

June 2024 - Response to public consultation released

October 2024 - Open invitation for further consultation at CYBERISLE 

November 2024 - Presentations held with the Critical National Infrastructure and Financial Services information exchanges. 

December 2024 - Presentation to Chamber of Commerce Digital Forum