The proposal from the Department for Digital, Culture, Media & Sport (DCMS) also includes other legislation such as improved incident reporting and giving the UK Cyber Security Council, which regulates the cyber-security profession, additional powers.

It would allow it to create a set of agreed qualifications and certifications so those working in cyber security can prove they are properly equipped to protect businesses online.

The plans follow recent high-profile cyber incidents such as the cyber attack on SolarWinds and on Microsoft Exchange Servers, which showed vulnerabilities in the third-party products and services that businesses rely on.

“Cyber attacks are often made possible because criminals and hostile states cynically exploit vulnerabilities in businesses’ digital supply chains and outsourced IT services that could be fixed or patched,” digital infrastructure minister Julia Lopez said.

“The plans we are announcing today will help protect...