Cyber Security and Resilience Bill Update
The Bill which was announced during the King's Speech in July 2024, aims to tackle the growing threat of cyber attacks on both the UK's public sector and businesses.
In the latest update, the government highlighted the increasing number of attacks targeting the UK's critical infrastructure. It also acknowledged that current UK laws have not kept pace with these rising threats, leaving vulnerabilities that could hamper growth in the country's digital economy.
The new Bill is designed to bolster the nation's cyber defences and protect a broader range of essential digital services. A key aspect will be the expansions of existing regulations, including widening the scope of the Network and Information Systems Regulations 2018 (NIS Regulations).
While the UK implemented the EU's original Network and Information Security Directive into law in 2018, the EU has since updated its legislation, now known as NIS2 Regulations, which will take effect in the EU from 18 October 2024. The UK government intends to align its own efforts with those of its international counterparts by expanding the NIS Regulations through this Bill.
The update outlines key changes to the UK's regulatory framework, including:
- Expanding the remit of the regulation to protect more digital services and supply chains.
- Putting regulators on a strong footing to ensure essential cyber safety measures are being implemented.
- Mandating increased incident reporting to give government better data on cyber attacks.
Although the previous government consulted on expanding the NIS Regulations in 2022, the current government is actively working with stakeholders to gather input, with further details to be announced in due course.
Upcoming Cyber Security events
Cyber Security updates
Sign-up to get the latest updates and opportunities from our Cyber Security programme.