Cyber Laws Are Changing: What UK Businesses Need to Know
Cyber threats are evolving – and so are the laws designed to combat them.
The UK government is preparing to introduce the Cyber Security and Resilience Bill, a major update to existing cyber legislation that will expand its scope and tighten obligations for businesses.
Current UK Cyber Law
Currently, UK cyber law includes the Network and Information Systems (NIS) Regulations, which apply to operators of essential services (OES) and relevant digital service providers (RDSPs), such as cloud platforms and search engines.
- Operators of essential services (OES)
- Relevant digital service providers (RDSPs), such as cloud platforms and search engines
If you fall into one of these categories, you must manage risks to your networks and report incidents.
Other Relevant Laws
Other laws include PECR 2003, which governs telecom security, and the Product Security and Telecommunications Infrastructure Act 2022, which targets internet-connected consumer devices.
Cyber threats are evolving – and so are the laws designed to combat them.
Author's summary: UK cyber laws are evolving to combat emerging threats.