Businesses in the UK could face up to £122 billion in regulatory penalties for cybersecurity breaches when new EU legislation comes into effect in 2018, says the PCI Security Standards Council (PCI SSC).