New regulations and a code of practice will require firms to protect their networks from the threat of cyber attacks.