The Directive on security of network and information systems (the NIS Directive) requires transposition into European Union Member’s domestic law by May 9, 2018 (definition of an EU Directive). The NIS Directive, adopted in July 2016, entered into force in August 2016. The UK’s National Cyber Security Center (NCSC) published an Introduction to the NIS Directive, which provides an overview on on the application of the NIS Directive; a second web site sets out top level objectives of the NIS Directive. Objectives guidance on managing security risks, protecting against cyber attack, detecting cyber security events, minimising cyber security event impacts, examples of supply chain cyber attacks, assessment of supply chain practices, and the 12 principles of supply chain security are posted on the NCSC website. The NSCS also published an Introduction to identity and access management. The Cyber Assessment Framework (CAF) will be published by the end of April 2018. A table setting out the 14 NIS principles together with related guidance and objectives was updated in March 2018. There are a number of infographics covering various topics concerning cyber security and a glossary of terms. You may read the consultation related to the NIS Directive, which is now closed for further detailed information and guidance on applicability of the NIS Directive to your company or business. The NIS Directive applies to “operators of essential services” and “digital service providers.” Essential services operators are designated by member state governments. Digital service providers include online marketplaces, search engines, and cloud computing services. Commission Implementing Regulation (EU) 2018/151 of 30 January 2018 established rules for application of the NIS Directive to digital service providers and incident reports. The UK implemented the NIS Directive through The Network and Information Systems Regulations 2018 on 10 May 2018. The NIS Directive addresses security requirements or goals as well as incident reporting together with possible implementation of fines or penalties as determined by EU member governments. The Directive works together with the GDPR Regulation and is, generally, part of the overall EU regime on data security, privacy, and the single digital market. www.erskine-law.com
If you are a New York state small business thinking about exporting to foreign countries or already selling your products abroad, then take a look at Global NY. The new program offers assistance to New York state small businesses who export as well as foreign businesses looking to invest in New York. Peruse the services and programs offered by Global NY, which include loans, grants, export marketing assistance program, state trade expansion program, and applications for each. If your a UK based SME, then consider looking at Open to Export’s country guides as well as seeking out assistance from UK Export Finance. The UK Department for International Trade and the Enterprise Europe Network , which also has a New York Branch (The European-American Business Organization, Inc.) for New York small businesses who seek to trade with Europe. www.erskine-law.com
Is your UK small and medium sized business (SME) involved in import or export? If so, check out the UK Trade Tariff tool and accompanying guidance document “Classify imports and exports using the UK Trade Tariff” outlining the use of the tool for your SME’s import or export activities. The guidance document provides basic information about classification codes, links to additional information (and resources), as well as an email address for classification enquiries; reference is also made to the process of obtaining Binding Tariff Information rulings.
The free on-line UK Trade Tariff is available for your use to look up classification codes. This offers easy access to tariff information by providing commodity code and duty rate listings together with a search engine to facilitate enquiries and allow self-service to commodity code information.-UK Government Guidance Document.
A number of industry/goods specific guides are published by the UK government detailing classification issues. The UK government also published more generalized information on beginning to import or starting to export. www.erskine-law.com
If your small business is interested in export related sales leads take a look at the Empire State Development Marketing Assistance Service Program. There you will find a description of the sales and marketing assistance program offered by New York State promoting “Made In New York” products. There is an application you need to complete to qualify for the program. On the federal level you may want to check out export.gov, which offers a range of market entry and expansion services (some for a fee). While your small business is getting new export sales leads, you may want to pursue the Small Business Administration’s Export Loan Programs. There is a short explanation of the International Trade Loan Program as well as Export Express Loan Program and Export Working Capital Program. All normally require an application. If you are a UK SME, take a look at the UK trade and Investment International Trade Services for Exporters. There you will find information on trade sales leads (registration required) and UK Export Finance. A good overview of UK Export Finance is available on their Overview Page describing the various programs offered. www.erskine-law.com
With the explosion of cloud computing and general internet online activity (think social media) small businesses need to assess their security from business and compliance perspectives. Small businesses in the UK need to be extra vigilant about cyber security given the increased regulations applicable to personal data and data security. Check out Cyber security: what small businesses need to know published by the UK Department for Business Innovation & Skills. The Guidance paper provides a brief overview cyber risks and protection measures. Your UK small business may also review A practical guide to IT security published by the UK Information Commissioner’s Office that briefly discusses data security and your obligations under statutory and regulatory regimes. www.erskine-law.com