The Hull-based telecoms firm, KCOM, has been fined £900k by Ofcom over a failure of their 999 call service back in December 2015. The 4-hour outage resulted in 74 emergency calls failing, so the fine equates to over £10 000 per call (or £225k per hour)! Although Ofcom accepted that the root cause of the disruption was the flooding of a BT exchange in York, they found “serious weaknesses” in KCOM’s continuity planning: the pre-planned back-up routes also used the same BT exchange in York.
If this fine seems high, much worse could be to come as Digital Minister Matt Hancock has announced a consultation on new proposals for fining critical infrastructure providers for disruptions arising from cyber attacks, power failures and natural disasters. The government’s plan is to impose fines of up to £17m (or 4% of global turnover) on firms who experience disruptions as a result of failing to manage risks appropriately. It is very unclear at this stage though what will constitute acceptable risk management.