"The Cyber Security and Resilience Bill (CSRB), announced in the King's Speech in July 2024, is expected to be introduced this month. The Bill is designed to build upon the existing Network and Information Systems Regulations to mitigate against increasingly dangerous cyber threats. Through expanded and strengthened regulations and compliance mechanisms, the bill will mark a significant moment of change in UK policy. With that in mind, here is your go-to guide to understanding the upcoming changes and challenges for UK businesses."
"The attack took Marks and Spencer months to recover from and cost them an estimated £300 million in profits. Another serious case came in June 2024, when cybercrime gang Qilin targeted NHS pathology provider Synnovis with a ransomware attack. The breach exposed 400GB of patient data, causing the cancellation of over 3,000 appointments. Investigations later linked it to 170 cases of compromised patient care and one associated death after testing services were disrupted."
"In recent years, UK businesses and organisations have experienced a number of severe cyber-attacks and security breaches, exposing the flaws in the NIS Regulations from 2018. The need for better preparedness in the face of evolving cyber threats has never been clearer. These extremely damaging breaches exposed flaws in corporate and organisational cyber-security and have prompted a revision of UK cyber-security regulation."
The Cyber Security and Resilience Bill expands and strengthens the Network and Information Systems Regulations to address increasingly dangerous cyber threats. The Bill widens regulatory scope, grants government and regulators greater enforcement powers, and tightens compliance mechanisms for organisations across critical sectors. Recent high-impact incidents — including an April 2025 ransomware attack on Marks and Spencer that halted online sales and cost an estimated £300 million, and a June 2024 Qilin ransomware attack on Synnovis exposing 400GB of patient data and disrupting thousands of appointments — exposed flaws in current protections. The Bill imposes new obligations on businesses to improve preparedness, incident response, and resilience against ransomware and data breaches.
Read at Business Matters
Unable to calculate read time
Collection
[
|
...
]